Most people think that Apple computers are more secure compared to PCs. That notion is about to change though as a couple of researches have created a proof-of-concept worm that can infect Macs.
The worm is called Thunderstrike 2, and it can be delivered via e-mail or malicious website. Once executed, the worm will itself and then search for external hardware connected to the Mac like the Thunderbolt Ethernet adapter or external SSDs and infects it, allowing it to spread to other computers when plugged in.
Here’s the hardcore part, since the malware is installed in the Mac’s motherboard boot flash and embeds itself in firmware, updating or reinstalling the OS or replacing the hard drive won’t remove the malware. Wired says that the only way to remove it is to re-flash the chip that contains the infected firmware.
“For most users that’s really a throw-your-machine-away kind of situation. Most people and organizations don’t have the wherewithal to physically open up their machine and electrically reprogram the chip.” said Xeno Kovah, owner of LegbaCore and one of creators of the worm, in an interview with Wired.
According to Wired’s Kim Zetter, Apple was already notified of the vulnerabilities and has “fully patched one and partially patched another. But three of the vulnerabilities remain unpatched.”