
Thunderstrike 2; 'Firmworm' Backdoors On Apple Macs

jos

last year demoed a malware that launches ahead of the operating system, from the moment the Mac starts, and is hidden from security tools, most of which don’t delve so deep inside Macs’ innards. It’s probably the most surreptitious, devilish kind of malware one can get onto a Mac, effectively granting an attacker total control over the computer. There was one major barrier to exploitation outside of labs, however: it required physical access to the target.

Now it can be delivered from anywhere on the planet. They could also jump between machines over infected Thunderbolt devices, creating a “firmworm”.

a “firmworm” can be spawned. Any infected machine can transfer the exploits to a Thunderbolt device, which, when plugged into another Apple Mac, will run the malicious code. This will help attackers jump over hurdles like air gaps, where target machines aren’t connected over any network.

Thunderstrike targets the Boot ROM firmware, the first process to run when the computer is switched on. Everything that launches after the Boot ROM is dependent on its security. It’s the deepest layer anyone can reach, making it the best place to hide whilst taking control of someone else’s Mac.

Wow it can attack over network and spread through Thunderbolt flash chip and lies so deep.. It is nasty.. but not freaked out.. Windows has taken major hits but survived.. but new to Apple..

Source: http://www.forbes.com/sites/thomasbrewster/2015/08/03/apple-mac-firmworms/


Apple's been. . . THUNDERSTRUCK!

 

Got you covered  :ph34r:

If it's Thunderbolt firmware, wouldn't it infect anything with a Thunderbolt port, not just Macs?


How far behind is Apple compared to Windows when fighting against malware/virus?
