YOU ARE AT:DevicesNew worm exposes Apple security risks

New worm exposes Apple security risks

Thunderstrike 2 infects firmware; fix is to re-flash chip

Two computer researchers have created a new firmware worm, Thunderstrike 2, which calls into question the airtight security usually associated with Apple MacBook products.

The research, which has resulted in a proof-of-concept, was done by Xeno Kovach of LegbaCore, and Trammel Hudson of Two Sigma Investments.

The powerful attack allows for remote targeting and can’t be detected by security scans. Because it infects the computer’s firmware, the only way to get rid of Thunderstrike 2 would be to re-flash the computer chip, according to Wired.

Kovach told Wired the attack is “really hard to detect, it’s really hard to get rid of and it’s really hard to protect against something that’s running inside the firmware. For most users that’s really a throw-your-machine-away kind of situation. Most people and organizations don’t have the wherewithal to physically open up their machine and electrically reprogram the chip.”

RT reports that an attack can occur via a phishing e-mail or from a website. Once the worm is going, it could infect an Ethernet adapter as a jump off to infecting another computer.

“It turns out almost all of the attacks we found on PCs are also applicable to Macs,” Kovach told Wired. “Most of these firmwares are built from the same reference implementations, so when someone finds a bug in one that infects Lenovo laptops, there’s a really good chance it’s going to affects Dells and HPs. What we also found is that there is really a high likelihood that the vulnerability will also affect MacBooks. Because Apple is using a similar EFI firmware.”

Apple has been made aware of the security lapses and has fixed some problems and is working on others, according to reports.

ABOUT AUTHOR

Sean Kinney, Editor in Chief
Sean Kinney, Editor in Chief
Sean focuses on multiple subject areas including 5G, Open RAN, hybrid cloud, edge computing, and Industry 4.0. He also hosts Arden Media's podcast Will 5G Change the World? Prior to his work at RCR, Sean studied journalism and literature at the University of Mississippi then spent six years based in Key West, Florida, working as a reporter for the Miami Herald Media Company. He currently lives in Fayetteville, Arkansas.