New Mac Backdoor BIOS Attacks | Mac Vulnerability

Posted on July 28, 2015.

In the not-so-distant past, consumers viewed Mac computers as superior to Windows in terms of security. The main reason was that Macs were far less popular then than they are today. With most computers and businesses running Windows, computer viruses were aimed mainly at those machines instead of Macs. Roger Grimes of InfoWorld refers to it as “security through obscurity”. But now that Apple computers are becoming more and more popular, hackers are beginning to set their sights on Macs as well.

The latest example of Apple’s increased vulnerability was seen in May 2015. OS X security researcher Pedro Vilaca confirmed that Mac computers shipped prior to the middle of 2014 are at risk of backdoor BIOS attacks. Using this recently discovered technique, hackers can overwrite the firmware that boots up the computer and loads the operating system. Once the computer is infected at this lowest level of control, there is no remedy. The exploit can pass right through any antivirus or other security measure in place. This means that the virus could sit on your Mac for long periods of time without your knowledge, placed there by someone halfway across the world.

What can be done?

Vilaca states that there is little you can do to prevent this particular attack. Advanced users can set up alerts that fire when an attack occurs, but even then the attack cannot be prevented. This is because the hacker has his “in” when the computer wakes up from sleep mode. When a Mac wakes up, certain protection is deactivated, allowing the firmware to be rewritten or reflashed. This means attackers can overwrite the existing firmware before the system begins booting up.

Are you at risk?

The attack is not likely to be exploited on a large scale because it is difficult to carry out effectively. This kind of attack is more likely to be used against specific, targeted Macs. Nonetheless, this discovery should open some eyes, according to Vilaca.

"We need to think different and start a trust chain from hardware to software.  Everyone is trying to solve problems starting from software when the hardware is built on top of weak foundations. Apple has a great opportunity here because they control their full supply chain and their own designs. I hope they finally see the light and take over this great opportunity."