Security

What Is KeySteal? macOS Keychain Exploit Explained

With the dust still not settled after the FaceTime privacy bug, news about another macOS vulnerability is already making headlines in top-tier media. It's called macOS keychain exploit, and if you're a Mac user hearing about it for the first time, do yourself a favor and read this article attentively.

MacOS keychain exploit: what happened?

As it turns out, Keychain—macOS app designed to securely store passwords and other user credentials—is not as secure as Apple wants us to believe. A German security researcher, Linuz Henze, revealed via Twitter, anyone can steal your passwords using an app called KeySteal.

 

To take advantage of this macOS keychain vulnerability, a password hacker would first need to install this malicious app (KeySteal) on the victim's Mac. Of course, such a situation isn't likely to happen (unless you have a few password hackers hanging out around your Mac every now and then). However, this case demonstrates how little it takes to break into "the most secure password storage" ever.

What is KeySteal?

KeySteal is a malicious app designed to extract user passwords and other credentials stored in macOS Keychain without administrator privileges.

 

KeySteal was written by an 18-year-old security expert from Germany. It looks like his intention was to show the world how insecure their privacy really is and, most importantly, to convince Apple of the necessity of offering a bug bounty program for macOS.

 

KeySteal effectively does its job on all versions of macOS, including the recently updated macOS Mojave.

How did Apple respond to the macOS keychain vulnerability news?

As we know now, Apple did contact Linus Henze regarding the vulnerability he found. They asked him to provide details about his exploit and he agreed to do so if they will publicly explain why they do not run a bug bounty program for macOS (like they do for iOS).

 

Apple did not respond. At least at time of writing this article.

masOS keychain exploit keysteal email from Linus Henze
Image source: Twitter account of Linuz Henze

While it's a good sign Apple reached out in the first place, it looks suspicious that they refused to meet such a simple request—especially, given that the data privacy of their entire user base is at stake.

 

Furthermore, the Apple website is sending mixed signals about the severity of the issue. The top ranking search result for “Apple Keychain breach” outright contradicts the the following 2 results.

is macOS keychain safe

What should you do as a regular Mac user?

If you're worried about falling a victim to this troublesome bug, there are 2 simple steps you can take to protect your privacy.

 

Change your default Keychain password to a unique (and strong) one

 

Remember that downloading apps from suspicious, unofficial sources can put your online security and privacy at risk

The closing word on KeySteal and macOS keychain exploit

If there is something valuable to learn from this story, let this be it: calling something completely secure is not enough. This worrisome bug should serve as another good lesson to Apple. We wish Linuz Henze best of luck convincing Apple to run a bug bounty program. Obviously, it wouldn’t hurt.

Download Pro Cleaning & Security App

*You can download the app for free and try its functionality yourself before making a purchase.

Use your Mac to the fullest! Sign up and get:
Effective tips on how to fix Mac issues
Reliable advice on how to stay safe online
Mac-world news and updates

Thank you!

You’ll love exploring your Mac with us.

Oops, something went wrong.

Try again or reload a page.

Here’s another sign you need to upgrade your macOS ASAP:

30% off your MacKeeper subscription

Сopy the code now and use it in the MacKeeper checkout after the upgrade.

Copy Code

Please be aware that this code cannot be combined with any other discounts, offers, or promotions.

Contents

Unlocked
PC

MacKeeper - your all-in-one solution for more space and maximum security.

Try Now

Read more

macOS Bundlore: Mac Virus Bypassing macOS Security Features
macOS Bundlore: Mac Virus Bypassing macOS Security Features
How Many Computer Viruses Are There in the World?
How Many Computer Viruses Are There in the World?
arrow

Run Application

step_1

Click Continue

step_2

Click Install

step_1

Your macOS version is lower than OS 10.11. We’d like to offer you MacKeeper 4 to solve the cleaning, privacy, and security issues of your macOS.