Macs vulnerable to permanent virus
As if things aren’t complicated already with Windfows machines and Mac
computers seemd to be the save haven for all those users who don’t want
to waste time on thinking about virus scanners and the like, there’s now a
very disturbing news circulating around.
It seems as if Macs are vulnerable to a very nasty virus, called Thunderstrike which is able to write into the Mac’s boot ROM and thus infecting even freshly setups of MacOSX. The question is, how is it possible for a virus to hardcode itself into the BootROM? Is it, like many graphics cards’ BIOSses flashable?
Discovered during a security leak inspection by a certain Trammell Hudson, who works for Two Sigma Investments and being the founder of the Magic Lantern open-source programming environment for Canon DSLR cameras, found the vulnerability during a security check of Apple notebooks his company has given him as a task.
It seems as if one can tamper with the Boot ROM if he gains physical access to the memory chip holding the BootROM. But if you think, that’s all, think again! It seems as Apple’s own creation, namely the Thunderbolt interface, allows access to the BootROM also if fed with the correct commands. Scary stuff, eh? So imagine this: You attach an USB stick to your Mac for echanging data and without knowing, the little Thunderstrike fracker is residing on it rendering your Mac almost useless as it will be permanently compromitted. The only thing is to entirely unsolder the BootROM and install a fresh, untampered BootROM chip back on. Very expensive repairing charges may be the result of this.
About the virus itself, the possibilities are grand: Key logging, spying, activation and deactivation of several features, spying on transmission of data, virtually everything, a hacker could dream of!
Fortunately it seems as if Apple is already aware of this problem and plans to issue an update that (at least) prevents the thunderbolt interface being able to tamper with the BootROM. However it’s doubtful if this update can also prevent direct access tampering. I doubt it as it would also mean to lock the BootROM for normal updates as well.
So I guess, the “You got a virus” laughing times at Windows users are over now as it could also hit Macs – severely, that is!
Leave a comment