Apple bug Thunderstrike 2 leaves Macs vulnerable to worm, could give hackers control of computers and go entirely undetected
Apple's MacBooks and iMacs could be infected with the attack — and their users would never know
Security researchers have found a vulnerability that would let them take control of Apple’s Mac computers and spread to other computers.
Apple’s computers have long been said to be much more secure than PCs, and for a long time were advertised as not being able to get viruses. But the researchers claim to have created the first attack that would be able to spread from computer to computer, taking control of them as they go.
The worm is known as Thunderstrike 2, the sequel to another, similar Mac attack that could infect a computer by plugging in an infected accessory and was patched up soon after it was made public. But the new worm doesn’t require physical access to the computer to work, and can be spread through a bad link, which could be sent through a harmless-looking email.
The attack targets the firmware, the most basic software in the computer, which powers its different parts and allows them to talk to each other. Apple’s firmware was long considered to be safe from attacks, because the company keeps its products so locked down, but researchers claim that the new attack works by exploiting its vulnerabilities.
Hacks that exploit firmware are considered particularly dangerous because they are especially hard to find, since security software meant to find them doesn’t scan firmware, and then hard to get rid of. The attack would also be hard for Apple to protect against, according to the researchers, and extra difficult to remove once it happens because users would have to reset the whole chip.
That would mean that the attack would likely sit forever on the chip once it was installed, giving hackers lasting control over the device.
“[The attack is] really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware,” Xeno Kovah, one of the researchers who designed the worm, told Wired. “For most users that’s really a throw-your-machine-away kind of situation. Most people and organizations don’t have the wherewithal to physically open up their machine and electrically reprogram the chip.”
The security researchers who found the vulnerabilities hope to show them at security conferences this year.