{"id":696,"date":"2009-02-23T11:58:31","date_gmt":"2009-02-23T10:58:31","guid":{"rendered":"http:\/\/blog.intego.com\/?p=696"},"modified":"2009-02-23T11:58:31","modified_gmt":"2009-02-23T10:58:31","slug":"new-mac-os-x-memory-injection-attack-presented","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/","title":{"rendered":"New Mac OS X Memory Injection Attack Presented"},"content":{"rendered":"<p>About a month ago, <a href=\"https:\/\/www.intego.com\/mac-security-blog\/a-new-type-of-mac-attack-on-the-horizon\/\">we reported<\/a> that, &#8220;a security researcher has found a new way to attack Macs by injecting hostile code directly into memory, rather than by installing files that leave traces.&#8221; The researcher, Italian student Vincenzo Iozzo, <a href=\"http:\/\/www.dailytech.com\/Hacker+Unveils+Stealthy+Memory+Injection+Attack+in+Mac+OSX\/article14340.htm\">has presented<\/a> this vulnerability at the Black Hat conference. (You can see a <a href=\"http:\/\/blackhat.com\/presentations\/bh-dc-09\/Iozzo\/BlackHat-DC-09-Iozzo-Macho-on-the-fly.pdf\">PDF of his presentation here<\/a>.)<\/p>\n<p>It is important to note that such attacks cannot, currently, obtain administrator privileges, and can therefore only affect a user&#8217;s files (though if it deletes files, that could be annoying enough for anyone who does not perform regular backups). But it may allow the recording of keystrokes, including passwords, that could be sent to a remote server. The attack currently requires exploiting vulnerabilities in Safari, which is fast becoming one of the weak points of Mac OS X. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>About a month ago, we reported that, &#8220;a security researcher has found a new way to attack Macs by injecting hostile code directly into memory, rather than by installing files that leave traces.&#8221; The researcher, Italian student Vincenzo Iozzo, has presented this vulnerability at the Black Hat conference. (You can see a PDF of his [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[7,13],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"About a month ago, we reported that, &quot;a security researcher has found a new way to attack Macs by injecting hostile code directly into memory, rather than\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New Mac OS X Memory Injection Attack Presented - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"About a month ago, we reported that, &quot;a security researcher has found a new way to attack Macs by injecting hostile code directly into memory, rather than\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2009-02-23T10:58:31+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Peter James\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/\",\"name\":\"New Mac OS X Memory Injection Attack Presented - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"datePublished\":\"2009-02-23T10:58:31+00:00\",\"dateModified\":\"2009-02-23T10:58:31+00:00\",\"description\":\"About a month ago, we reported that, \\\"a security researcher has found a new way to attack Macs by injecting hostile code directly into memory, rather than\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"New Mac OS X Memory Injection Attack Presented\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\"},\"headline\":\"New Mac OS X Memory Injection Attack Presented\",\"datePublished\":\"2009-02-23T10:58:31+00:00\",\"dateModified\":\"2009-02-23T10:58:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/#webpage\"},\"wordCount\":143,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"articleSection\":[\"Apple\",\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\",\"name\":\"Peter James\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"caption\":\"Peter James\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"About a month ago, we reported that, \"a security researcher has found a new way to attack Macs by injecting hostile code directly into memory, rather than","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/","og_locale":"en_US","og_type":"article","og_title":"New Mac OS X Memory Injection Attack Presented - The Mac Security Blog","og_description":"About a month ago, we reported that, \"a security researcher has found a new way to attack Macs by injecting hostile code directly into memory, rather than","og_url":"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/","og_site_name":"The Mac Security Blog","article_published_time":"2009-02-23T10:58:31+00:00","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Peter James","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/","name":"New Mac OS X Memory Injection Attack Presented - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"datePublished":"2009-02-23T10:58:31+00:00","dateModified":"2009-02-23T10:58:31+00:00","description":"About a month ago, we reported that, \"a security researcher has found a new way to attack Macs by injecting hostile code directly into memory, rather than","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"New Mac OS X Memory Injection Attack Presented"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116"},"headline":"New Mac OS X Memory Injection Attack Presented","datePublished":"2009-02-23T10:58:31+00:00","dateModified":"2009-02-23T10:58:31+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/new-mac-os-x-memory-injection-attack-presented\/#webpage"},"wordCount":143,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"articleSection":["Apple","Security &amp; Privacy"],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116","name":"Peter James","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","caption":"Peter James"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/"}]}},"jetpack_featured_media_url":"","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-be","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/696"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=696"}],"version-history":[{"count":0,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/696\/revisions"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=696"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=696"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=696"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}