Posted on: 08:12 AM IST, Aug 04, 2015 | Updated on: 08:17 AM IST, Aug 04, 2015
New Delhi: A firmware bug that affected many Windows PCs is now found to be affecting Apple Macs too.
The new proof-of-concept attack, dubbed Thunderstrike 2, is similar to the Thunderstrike bug found last year in Windows PCs.
The worm could transfer automatically between two Macs without them being networked. It could also evade detection by most scanning software, survive reformatting, and leave a ‘scorched earth’ approach, which means re-flashing firmware chips, as the only method of mitigation, a report on Apple Insider notes.
Thunderstrike 2 targets the option ROM on peripherals like Ethernet adapters and SSDs and spreads when an infected device is connected to a Mac. Further, it could also be delivered through an email or a malicious website.
The code is based on research by security researchers Trammell Hudson, who first discovered Thunderstrike, and Xeno Kovah.
Last year it was found that the exploits affected PCs by companies like Dell, HP, and Lenovo, and five out of six of them are potentially applicable to Macs, as Apple too relies on the same reference implementations.
Apple has reportedly patched one of the security loopholes. However, there is no word on whether the fixes have been included in the changes made in the latest OS X 10.10.2 to address Thunderstrike, or are separate updates.
The researchers suggest that computer makers should be cryptographically signing firmware and upgrading their hardware to allow authentication. Also, write-protect switches could improve protection as could a tool for users to check if firmware has been changed.
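As an illustration of the kind of firmware-change check the researchers suggest, the following added example (not code from the article or from the researchers) parses a peripheral's option ROM dump using the standard PCI expansion ROM layout and compares each image's SHA-256 hash with a previously recorded baseline. The function names, the `make_image` helper, the placeholder vendor and device IDs, and the sample data are all constructed for this sketch, and it assumes the dump was obtained separately.

```python
import hashlib
import struct

def parse_option_roms(dump):
    """Return [(offset, (vendor, device, code_type), sha256)] for each image in a ROM dump."""
    images, off = [], 0
    while off + 0x1A <= len(dump) and dump[off:off + 2] == b"\x55\xaa":
        pcir = off + struct.unpack_from("<H", dump, off + 0x18)[0]  # pointer to PCI data structure
        if pcir + 0x16 > len(dump) or dump[pcir:pcir + 4] != b"PCIR":
            raise ValueError(f"bad PCI data structure for image at {off:#x}")
        vendor, device = struct.unpack_from("<HH", dump, pcir + 4)
        length = struct.unpack_from("<H", dump, pcir + 0x10)[0] * 512  # stored in 512-byte units
        code_type, indicator = dump[pcir + 0x14], dump[pcir + 0x15]
        if length == 0 or off + length > len(dump):
            raise ValueError(f"image at {off:#x} has an invalid length")
        digest = hashlib.sha256(dump[off:off + length]).hexdigest()
        images.append((off, (vendor, device, code_type), digest))
        if indicator & 0x80:  # bit 7 marks the last image in the ROM
            break
        off += length
    return images

def compare_to_baseline(dump, baseline):
    """Report images that are modified, unexpected, or missing relative to the baseline."""
    findings, seen = [], set()
    for off, key, digest in parse_option_roms(dump):
        seen.add(key)
        if key not in baseline:
            findings.append(("unexpected", key, off))
        elif baseline[key] != digest:
            findings.append(("modified", key, off))
    findings += [("missing", key, None) for key in baseline if key not in seen]
    return findings

def make_image(vendor, device, code_type, last, body=b""):
    """Build a constructed 512-byte image for the demo; this is not real firmware."""
    pcir = b"PCIR" + struct.pack("<HHHHB3sHHBB", vendor, device, 0, 0x18, 0, b"\0\0\0",
                                 1, 0, code_type, 0x80 if last else 0) + b"\0\0"
    header = b"\x55\xaa" + b"\0" * 0x16 + struct.pack("<H", 0x1C) + b"\0\0"
    return (header + pcir + body).ljust(512, b"\0")

# Constructed sample: one legacy (type 0) and one EFI (type 3) image, placeholder IDs.
GOOD = make_image(0x1234, 0x5678, 0, False) + make_image(0x1234, 0x5678, 3, True)
BASELINE = {key: digest for _, key, digest in parse_option_roms(GOOD)}
TAMPERED = GOOD[:512] + make_image(0x1234, 0x5678, 3, True, body=b"constructed change")

if __name__ == "__main__":
    print(compare_to_baseline(GOOD, BASELINE))      # no findings
    print(compare_to_baseline(TAMPERED, BASELINE))  # the EFI image is reported as modified
```

A comparison like this is only as trustworthy as the path used to read the dump and the point at which the baseline was recorded.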