Apple Macs Are Delicious Meal For Pesky Thunderstrike 2 Firmware Worm
Image credit: Apple
After discovering the firmware vulnerabilities, the researchers were able to create Thunderstrike 2, a proof-of-concept worm that can infiltrate Macs via their firmware. The worm can move from one laptop to another via your peripherals and (in theory) can spread without detection. What makes Thunderstrike a better worm than most of the malware we see today is that it doesn’t have to move over networks and can avoid scanning detection by infecting your computer’s BIOS. Plug a device into your Mac’s Thunderbolt port and the worm will infect your peripheral. Move to another computer, and the worm will take hold the next time the computer boots.
The worm hides in the ROM on peripherals, which makes spreading the worm a piece of cake: simply infect some peripherals, sell them online, and you’ll soon have complete control of those computers, if the researchers are right this vulnerability.
Firmware attacks have been a problem for PCs for ages, though manufacturers have had some success with patches (notably Dell and Lenovo). Now, it’s Apple’s turn to batten its hatches, and it has already patched one vulnerability and is at work on another, though some vulnerabilities remain.