Your MacBook Is Not As Secure As You Thought

Researchers successfully hack into Macs that are not connected to the Internet.

Your MacBook Is Not As Secure As You Thought
[Photo: Flickr user sunshinecity]

Researchers have created the first firmware worm that targets Mac computers, in a move that gives corporate security teams a sharp new headache and pokes holes in one of Apple’s top selling points. A proof-of-concept worm from Xeno Kovah of LegbaCore and Trammell Hudson of Two Sigma Investments jumps from MacBook to MacBook, even if the computers are not connected to the Internet or on a network with each other.

Hudson and Kovah informed Apple of the five security vulnerabilities they found. One has been fixed as of press time, one has been partially patched, and three remain unpatched. According to Wired’s Kim Zetter, who broke the story, “If a victim, thinking his or her computer is infected, wipes the computer’s operating system and reinstalls it to eliminate malicious code, the malicious firmware code will remain intact.”

The two researchers are scheduled to discuss the details of their discovery at the BlackHat security conference in Las Vegas on August 6.

Read more about the Mac firmware worm at Wired.

About the author

Based in sunny Los Angeles, Neal Ungerleider covers science and technology for Fast Company. He also works as a consultant, writes books, and does other things.