Mac’s Firmware Can Be Tempered Remotely, Discovers A Security Researcher
Apple’s one year old Macs are on risk of remote hacking because of inadequate security of the program responsible to wake them back up from sleep mode, Mac security researcher Pedro Vilaca has discovered.
According to the researcher, during Mac’s sleeping and waking back up, hackers can temper the program that boots up the system. The attackers can change the read-only code remotely, Vilaca cautions.
After tempering the program, hackers can install malware and thus, eventually, reformat and reinstall the OS. Most alarmingly, hackers don’t need any physical interaction to launch these attacks, reports the Business Insider.
While testing some of the machines, Vilaca found that the bug has been removed from the newer devices. Speculatively, Apple has fixed the issue itself or the flaw exists in non-uniformly.
“I have tested against a MacBook Pro Retina, a MacBook Pro 8,2, and a MacBook Air, all running latest EFI firmware available. And every single one is vulnerable. It appears that latest MacBook models are not vulnerable but I’m not 100% sure about this,” the researcher noted in a blog post.
Vilaca suggested a one and only defense to all the Mac users. They have to prevent their Macs from going into sleep mode; this can done by changing the default settings. He also emphasized on shutting down the systems after usage. Users should write Apple and “demand firmware security fixes for this bug…,” he adds.
Individual users need to be extra careful as the Mac security researcher sees them as potential targets for the attackers.