Do you own a Mac? Did you think it was virus proof? Well this article is about to shatter that bubble completely. As they are becoming more and more popular, Macs are now not immune to virus anymore. Or in this case worms. There is a new worm out there that can cause huge amounts of damage to your Mac.
The worm works by attacking the computer’s firmware, the software that comes pre-installed and loads the operating system. Firmware provides control, monitoring and data manipulation in engineering products or systems.
The cybersecurity research work on the worm was carried out by Xeno Kovah, owner of LegbaCore, and Trammell Hudson, a security engineer with Two Sigma Investments.
According to the researchers, an attack can occur via a phishing email (an email sent from a fake “trusted institution” like a bank) or a malicious website containing the worm. Once activated, the malware would look out for any peripherals connected to the computer, such as an Ethernet adapter, which it would then infect. The worm could then spread to any other computer to which the adapter gets connected. Once connected, the worm writes malicious code to the firmware of the MacBook.
Thunderstrike 2 can’t be removed with traditional anti-malware security program, either. It requires programming the computer’s chip. This is where this worm is really bad.
Kovah and Kallenberg said that the worm was developed to showcase vulnerabilities in Apple devices. According to Vice, Apple has been notified has already fixed one type of vulnerability and partially patched another. Three are still unresolved.
The consultants will showcase the worm at the Black Hat security conference in Las Vegas on Thursday. The goal is to push tech companies to take security more seriously.
Kovah said some vendors are active about removing vulnerabilities in their firmware but others are not.