Security & Privacy

According to The Register, a security researcher has found a new way to attack Macs by injecting hostile code directly into memory, rather than by installing files that leave traces. While malware generally installs files, which then act on a computer, this new attack allows hackers to send, via a network vulnerability, malicious commands and information which will never be stored on a Mac. When it goes into the memory of a running application, the code is active as long as the application is, and can eventually reproduce itself in other running applications.

The technique, discovered by Vincenzo Iozzo, and to be presented at next month’s Black Hat security conference, “allows someone to execute a binary completely within the OS X application or process that’s being attacked. That means the operating system doesn’t need to open a new process and the exploit code need not ever touch the hard disk of the infected machine,” the article says. (Note that while the code may be written to virtual memory swap files, it will not be stored on the computer’s hard disk in file format.)

Attacks using this technique will still need to exploit a vulnerability in an application that has access to the Internet, such as Safari or QuickTime, but if it gets through those cracks, it could do serious damage. Since Apple is notoriously slow in issuing security updates, there’s a real potential that this type of attack can harm man Macs.