Advertisements

Researcher Uses macOS App Screenshot Feature to Steal Privacy Information

Security researcher Felix Krause has discovered a macOS vulnerability that allows cybercriminals to take screenshots of the screen activity and then turn to apps featuring OCR to read the text.

In an analysis on his blog, Krause explains that the CGWindowListCreateImage function can be abused by any Mac app, no matter if it’s sandboxed or not, to take screenshots of the screen without users knowing about it, even when the app itself is running in the background.

Read More…

Advertisements