Skip to main content

Macs Can Be Hacked With Synthetic Dismissal On Warning Boxes

By August 24, 2018June 3rd, 2022Cybersecurity

Depending on the lens you view him through, Patrick Wardle (former hacker for the NSA and macOS security expert) is either your best friend or your worst nightmare.

Most people (whether fans of Apple or not) will readily concede that the company works hard to make their products as secure as possible.  Unfortunately, at this year’s Def Con hacker convention in Las Vegas, Wardle made a presentation that is currently sending shockwaves through the Apple user community. He exposed a major security flaw in the company’s products that impacts many of their secondary defensive measures.

Normally, when an Apple device detects an action that is potentially malicious, Apple’s OS will block it, then display an alert box to let the user know.

Unfortunately, as Wardle demonstrated, it is a trivial task for a hacker to generate a “synthetic click” to dismiss the warning box. This could be done in the blink of an eye, or with only slightly more effort, and be made utterly invisible to the end-user.

As Wardle puts it, “The ability to synthetically interact with a myriad of security prompts allows you to perform a lot of malicious actions.  Many of Apple’s privacy and security-in-depth protections can be trivially bypassed.”

This is hardly a new trick.  Over the years, several malware strains have used synthetic clicks to dismiss warning boxes, so Apple is certainly no stranger to the strategy.  In response, they have given their OS some ability to detect and ignore synthetic clicks, but as Wardle demonstrated, it’s far from perfect and even a fully updated High Sierra system was not completely protected.

Wardle concluded his presentation with the following: “I wasn’t trying to find a bypass, but I uncovered a way to fully break a foundational security mechanism.  If a security mechanism falls over so easily, did they not test this?  I’m almost embarrassed to talk about it.”

Apple has not yet responded to Wardle’s presentation.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.