© ROOT-NATION.com - Use of content is permitted with a backlink.
Cybersecurity experts representing Calif, a California-based company, managed to neutralize the advanced security system of the macOS operating system by using the Claude Mythos Preview AI model. It took the specialists only five days to complete this analytical work, while Apple spent five years to create the mentioned security tools. This was reported by the WSJ referring to the official materials of the company’s published report.
During the analysis, the analysts found a pair of vulnerabilities in the macOS operating system and formed a sequential chain of them. The initial bug allowed to disrupt the correct operation of the Mac’s memory, after which the second flaw opened access to isolated and protected areas of the platform. Such an algorithm is an attack aimed at increasing privileges. It is not capable of compromising a computer system on its own, but in combination with other hacking tools, it gives attackers the opportunity to establish absolute control over the attacked device.
The key achievement was the overcoming of the Memory Integrity Enforcement security complex. This technology was integrated by Apple developers in September last year, positioning it as the main result of unprecedented design and development activities that lasted for half a decade.
Calif CEO Tai Duong clearly emphasized in his commentary for WSJ that the AI model alone would not have achieved any result without the high qualification of his team of specialists. At the current stage of development, this AI is only able to reproduce previously described methods and is not able to create fundamentally new attack variants. In this experiment, AI acted not as an independent digital attacker but as a tool to speed up processes, which allowed to dramatically reduce the time interval between the emergence of an idea and the formation of an effective exploit.
Apple representatives are currently carefully studying the analytical data provided. According to Duong, the necessary security patches will be released in the near future, and detailed information about the structure of the Calif vulnerability is promised to be made public after the release of the corresponding patches. WSJ journalists also note that this incident has forced the White House leadership to reconsider its own strategy of non-interference in the processes of creating artificial intelligence systems. Currently, the government administration is working on a draft decree that will provide government agencies with the right to supervise the functioning of the most technologically advanced models.
Read also:
- Ukrainian FPV drone operators demonstrated their skills during NATO training exercises in Sweden
- Longer than Carthage: Fight for Ukrainian village of Mala Tokmachka breaks records for longest siege in history