Security bug allows hackers to bypass encryption, intercept iCloud Keychain

Password security is vital but way too often neglected. And the problem comes not from unaware users who keep reusing weak passwords – it also comes from manufacturers who don’t focus enough on security flaws and vulnerabilities in their products.

Who would have thought an unreported flaw in iCloud Keychain would expose passwords and credit card data to hackers? And if that wasn’t bad enough, an attacker could have easily bypassed encryption and access all the data stored on Apple gadgets, found a researcher from security consulting company Longterm Security.

“While reviewing attack surfaces on iOS for potential sandbox escapes, we uncovered a critical flaw in a custom Off-The-Record implementation relied upon by iCloud Keychain Sync in addition to a memory trespass error (CVE-2017–2451),” explains Longterm Security co-founder Alex Radocea, who will give a full presentation on the issue at BlackHat USA.

According to Radocea, the bug is what authorities are regularly investigating in end-to-end encryption because it allows hackers to weaken the structure and intercept all data sent from the device.

Apple introduced iCloud Keychain with iOS7 to make it easier for users to sync their passwords and credit card numbers on all devices. Even if a device is lost, the data can be restored through the iCloud Keychain Recovery mechanism.

Prior to this discovery, iCloud Keychain was viewed as one of the safest password sharing tools due to its end-to-end encryption, but “the flaw undermined that end-to-end encryption capability and could have allowed a privileged attacker to steal user keychain secrets.”

Apple covered the unreported flaw in its recent security update piece, ensuring customers they have already investigated the matter which was fixed through Apple’s release of iOS 10.3.

Leave a Reply