Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

Mac OS X Lion Login Passwords Extracted With Ease

Passware, a provider of password cracking software, today said that the latest edition of its flagship password cracking forensic suite, Passware Kit Forensic v11, can extract Mac OS X Lion user login passwords from system memory in a matter of minutes.

Passware, a provider of password cracking software, today said that the latest edition of its flagship password cracking forensic suite, Passware Kit Forensic v11, can extract Mac OS X Lion user login passwords from system memory in a matter of minutes.

Mac OS Lion PasswordsThe Mac OS vulnerability relates to user login passwords that are stored in the system memory even if the computer is locked or put into a sleep mode. Passware’s software captures live Mac computer memory over FireWire and analyzes it, extracting these passwords, a process that the company says takes just a few minutes–regardless of password strength and use of a FileVault encryption. The vulnerability is present in all modern versions of Mac OS, including Mac OS X 10.6 Snow Leopard and the latest Mac OS X 10.7 Lion, released last week.

As Apple’s operating system has increased in popularity in recent years, so have security threats for users. Passware President Dmitry Sumin notes, “Long touted as a stable and secure operating system, Mac users are cautioned that the newest operating system has a potential vulnerability that enables password extraction from devices running Mac OS Lion.”

While this type of “hack” isn’t necessarily new in theory, it’s the ease of executing it with utilities available to anyone that is the key here–similar to how FireSheep enabled HTTPS session hijacking to the masses.

Want to protect yourself against this vulnerability? Passware says the security risk is easy to overcome by simply turning off the computer instead of putting it to sleep, and disabling the “Automatic Login” setting. This way, passwords will not be present in memory and cannot be recovered.

Secure Development Resource: Designing Security for Newly Networked Devices

Passware previously used the same technique to decrypt hard disks encrypted with BitLocker and TrueCrypt.

“I am a Mac user myself, but it’s important to understand the limitations of your computer’s security, even if you are not a computer forensics expert,” Sumin added. “If data stored is confidential, it is important to ensure physical security of the computer. One might also consider using additional encryption software.”

Passware Kit Forensic provides password recovery for any protected file detected on a PC or over the network while scanning, revealing hidden and protected data files on anyone’s computer.

Advertisement. Scroll to continue reading.

Additional Mac OS related features of Passware Kit Forensic 11 include:

• Recovery of login passwords from Mac OS X users database

• Recovery of passwords for Mac keychain files, which gives access to user information contained in these files: saves passwords (for websites, network shares, wireless networks), private keys, certificates, etc.

Anyone can purchase Passware Kit Forensic directly from Passware or via a network of resellers worldwide for $995 with one year of free updates.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Endpoint Security

Gigabyte has announced BIOS updates that remove a recently identified backdoor feature in hundreds of its motherboards.

Endpoint Security

Several major companies have published advisories in response to the Downfall vulnerability affecting Intel CPUs.

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Endpoint Security

The Zero Day Dilemma

Endpoint Security

When establishing visibility and security controls across endpoints, security professionals need to understand that each endpoint bears some or all responsibility for its own...