XARA – An old way to hack: Cross Application Resource Access

Cross Application Resource Access = XARA  is another way to hack applications on a computer, it was researched with the following paper:  https://drive.google.com/file/d/0BxxXk1d3yyuZOFlsdkNMSGswSGs/view

xara-justimages

The Mac OSX and iOS operating systems were tested in the research paper by the 6 researchers:  Luyi Xing,  Xiaolong Bai, tongxin Li, XiaoFeng Wang, Kai Chen, and Xiaojing Liao

In fact the researchers contacted both Apple and Google  (Chrome is an app in Mac OSX) to notify them about this potential problem.

Research was first reported by The Register  (UK info tech paper “Biting the hand that feeds IT”)

from http://krebsonsecurity.com/2015/06/critical-flaws-in-apple-samsung-devices/ 

icloud-security-code

So unfortunately  this iCloud Keychain password may be hacked by a good malware app designed with the researcher concepts.

 

Here the Register explains that Apple has been silent for six months in regard to this vulnerability: http://www.theregister.co.uk/2015/06/17/apple_hosed_boffins_drop_0day_mac_ios_research_blitzkrieg/

{“Recently we discovered a set of surprising security vulnerabilities in Apple’s Mac OS and iOS that allows a malicious app to gain unauthorised access to other apps’ sensitive data such as passwords and tokens for iCloud, Mail app and all web passwords stored by Google Chrome,” Xing told The Register‘s security desk.}

 

This means that all Apple devices (Mac OSX and iOS) have a zero day flaw, so viruses and malware are coming… How long will it take for a dangerous app to insert itself with a clever phish?

The researchers found 88.6% of 1612 OSX and 200 iOS apps were completely exposed to XARA.

 

Google fixed the keychain integration into Chrome since it cannot be solved at the application level. whereas Apple required advance research paper disclosure and has not responded since Feb 2015.  We need to pressure Apple into fixing this problem.

 

 

So what does this mean to all Apple users? Be extra vigilant of apps that you install. Not all apps are safe, and especially if you have jailbroken the device (which means you likely have already installed installed non-Apple verified apps).

The YouTube  video of a keychain vulnerability on MacOSX

https://www.youtube.com/watch?t=33&v=IYZkAIIzsIo

Since Apple thought it was immune due to its app isolation mechanism which has now been circumvented.  I wonder if Apple checks for this vulnerability when testing apps to be placed in their app store?  Obviously as of when the researchers tested

 

 

 

Advertisements