Macs vulnerable to same remote firmware exploits as Windows PCs, researchers find
L33tdawg: Corey Kallenberg from Legbacore will be at #HITBGSEC in October to present an updated version of this research
Macs can still be successfully attacked using some of the same firmware vulnerabilities affecting many Windows PCs, a new proof-of-concept worm is said to demonstrate.
Superficially, the new attack — dubbed Thunderstrike 2 — appears similar to the namesake Thunderstrike vulnerability found last year and likely relies on some of the same attack vectors. It was created by security reseachers Trammell Hudson, who first discovered Thunderstrike, and Xeno Kovah, Wired reported on Monday.
Worryingly, the proof-of-concept worm could transfer automatically between two Macs without them being networked. It would escape direction by most scanning software, and even survive reformatting, leaving a "scorched earth" approach — re-flashing firmware chips — as the only method of mitigation.