Apple Not Immune To Firmware Hacks, Researchers Show Through A Malicious Worm

By Peter R - 04 Aug '15 13:00PM

Researchers have bust a myth that firmware on Mac is safer than PCs.

Xeno Kovah and Trammell Hudson are set to discuss their research on August 6 at the Black Hat security conference in Las Vegas. Their research shows how common vulnerabilities that compromise PC firmware or BIOS and systems can also affect Macs. These vulnerabilities when exploited by a worm do not need connectivity to the internet to cause damage but can spread from device to another through what is called option ROM on peripheral devices.

The researchers demonstrated to WIRED how vulnerabilities can be exploited using an Apple Thunderbold to Gigabit Ethernet adapter. They had developed a worm called Thunderstrike 2 that exploits the vulnerability to demonstrate it. The worm could pass between computers undetected. As it remains at a level lower than the operating system, it can easily avoid detections.

Ever since the vulnerabilities were shown to Apple, a few have been patched. Kovah and Hudson say that manufacturers should cryptographically sign the firmware to prevent unauthorized access and overwriting of the code. An added level of security could be providing users with access to the code. Regular checksum testing by the user can reveal if the firmware has been tampered with.

Fun Stuff

The Next Read

Real Time Analytics