Calif Cybersecurity Researchers Defeat Apple Mac OS Memory Integrity Enforcement in Five Days Using Claude Mythos AI System to Exploit Major Vulnerabilities
Calif a cybersecurity firm in California was reportedly able to defeat Mac OS security in 5 days. This hack exploited Apple’s Memory Integrity Enforcement architecture. According to Apple this defense mechanism took them 5 years of rigorous engineering and design. Researchers were able to compromise the memory protection with an artificial intelligence system, Claude Mythos, which shortened the timeline required to produce an exploit for the Mac OS dramatically.
Technically, two separate vulnerabilities were combined to produce a working attack. First, the memory in the target machine could be corrupted, and second, an attack to elevate privileges within the operating system could be conducted. Together these exploits could grant an intruder full control of the target computer. This is noteworthy because Apple reportedly added Memory Integrity Enforcement as a key defense in its Mac OS systems in September of last year as a way to defend against advanced threats.
In an interview with the WSJ, Calif’s CEO Tai Duong stated:
"the Claude Mythos model was not itself able to attack anything as it has not been equipped with a capability to create hacking methodologies yet."
As stated, this is to suggest that the AI system simply acted as a boost which enabled the researchers to speed up their work and generate a working exploit for Mac OS from the discovery of a bug in half the time it takes for an advanced team to hack through such defenses.
Apple representatives are looking into the details of the hack, as they've acknowledged finding the bug and are working to patch it by rolling out an update with security patches to its OS in the near future. This issue points to a broader problem in the security domain as AI technologies are increasingly being employed in discovering memory exploits more quickly.
