Ask the average Mac user why they chose their Apple product over any other PC – chances are they’ll tell you it’s because of the security. Common thought is that Apple computers are safer because their firmware can’t be penetrated – however, that’s simply not the case anymore.
Security researchers Xeno Kovah and Trammell Hudson have uncovered a worm that they’re calling “Thunderstrike 2”, which is capable of infecting Macs and can’t be removed by either flashing the operating system or even replacing the hard drive. Even worse? The attack is able to spread across Macs even when they’re not connected to Internet networks.
How Does It Spread?
Kovah and Hudson found that the bug could infect computers by installing itself in the ‘option ROM’ on peripheral devices that plug into your Mac, such as Apple’s Thunderbolt Ethernet adapter.
Because of this, the vulnerability can be exploited quite easily. For example, attackers can sell infected Ethernet adapters on eBay – once you plug the adapter in, your Mac will be infected. With unknowing users falling victim, the bug could literally spread around the world, infecting huge numbers of devices and subverting their systems.
So – Is Your Mac Safe?
If hardware makers cryptographically signed their firmware and accompanying updates, there would be an added layer of protection against these attacks. While vendors like Lenovo and Dell have been active in trying to remove firmware vulnerabilities, Apple has not taken such an initiative, making your computer vulnerable.
Making a bad situation worse – Ars Technica has reported that hackers have been exploiting vulnerability in the latest version of OS X, which allows them to install malware without even gaining a users permission or passwords.
It’s absolutely crucial that no matter what device you use, you’re always staying informed and being cautious when it comes to protection. To learn more about security for your Mac device and other IT security solutions, get in touch with Compunet InfoTech at firstname.lastname@example.org or (604) 986-8170 .
Author: Joe Martin, Date: 2015-08-14