Researchers Have Created a Worm Which Can Infect Macs Permanently

Researchers Have Created a Worm Which Can Infect Macs Permanently


Macs have always been heralded as a lot more secure when it comes to the two main operating systems. However, researchers present at the firmware level think otherwise. A recent Black Hat presentation done by Xeno Kovah, Corey Kallenbeg and Trammell Hudson demonstrated that Macs also face the same vulnerabilities just like their Windows counterparts do.

The exploit tends to be especially troubling since now phishing mails or clicks on links on malicious sites could easily compromise the computer. This tends to be in addition to the kind of exploit that was shown last year in which the worm spread by the ROM of the infected external drives along with the accessories like Thunderbolt to the ethernet adapter. These exploits are nearly impossible when it comes to their detection because security software will never scan the firmware while re-installing the system won’t remove the problem as well.

The exploit shows that the firmware isn’t usually encrypted when it comes out of the factory and therefore doesn’t authenticate the updates which are received from the manufacturer. The researchers also say that they’ve alerted Apple regarding this issue.

This is said to be the second Thunderstrike which can exploit a targeted Mac. The first one was fixed with the OS X 10.10.2 update and required physical access of the computer for a hack. However, this new version can cause more damage as this malware can simply be delivered through a link. However, the latest OS X security update 10.10.4 is said to keep this exploit from taking hold.