Malware that permanently infects your Mac's hardware

Apple computers have always been presented as safer than other PCs because their firmware supposedly cannot be infected. Unfortunately, this is no longer true, as you will read later in this article. If your Mac is infected with malware that exploits a new vulnerability, security researchers say there is no cure. Even if you wipe your hard drive or reinstall OS X, your computer will remain infected permanently. The only remedy is to throw away your hard drive... at least in theory.


In the past, Apple has claimed that its Macs were not vulnerable to known firmware attacks on PCs, but the researchers say Thunderstrike 2 exposes the MacBook to similar vulnerabilities. Unlike attacks on PCs, infections on a Mac are "rooted in the material," said researcher Corey Kallenberg and his team in a statement about their Thunderstrike 2 session at Black Hat.

"People hear about attacks on PCs and they assume that Apple's firmware is better," said security researcher Xeno Kovah in an interview with Wired. "So we are trying to make it clear that every time you hear about EFI firmware attacks, it is almost all x86 computers," he continues.

Kovah and his team found that five of the six PC vulnerabilities could affect the firmware of the Mac.

Firmware vulnerability
"It turns out that almost all the attacks that we found on PCs are also applicable to Macs," said Kovah. "Most users and organizations do not have the resources to physically open their machine and electrically reprogram the chip," he said, which is what removing the malware would require.

The attack happens at the BIOS level and targets the computer's firmware. When you turn on your computer, the EFI firmware boots first and then starts the operating system. Often, the firmware is vulnerable because it is not signed by the manufacturer, and sometimes nothing prevents illegitimate firmware files from being loaded. Since the firmware remains even if the OS is restored or deleted, the attack is persistent.

"What we also found is that there really is a strong likelihood that the vulnerability also affects the MacBook, because Apple uses a similar EFI firmware," said Kovah. The researchers demonstrated their findings at the Black Hat and Def Con security conferences, and said that the malware is difficult to detect because malware detectors generally do not scan the firmware.

A single Thunderbolt cable is needed

The researchers reported that, to infect a Mac, the firmware malware can be delivered by a phishing email or when users visit a malicious website. Once infected, the firmware checks the Mac for connected devices that contain an Option ROM. This could include accessories connected to the Thunderbolt port. This is even scarier, since the attack can spread from Mac to Mac without a network connection. Once these accessories are infected, they can spread the malware to other Macs they are connected to. After the computer restarts, the infected accessory writes the malware to the BIOS.

Although this delivery method is similar to malware that arrives via USB, Thunderstrike 2 goes further by infecting the BIOS rather than the operating system, which makes the malware difficult to detect and almost impossible to remove.

And now?
Now that you know all this, you are probably freaking out, right? The researchers suggest that manufacturers like Apple should sign their firmware with a digital signature and work on write protection so that only permitted firmware can be loaded.

As you will have understood, all you can do on your side is always check the content you want to open. And before you throw away your Mac, call me: I would be happy to take it off your hands.