Apple Security Flaw Exposed! Hackers Design Undetectable Virus Entering Mac Systems
If you think Mac computers are virus-proof, think again.
Security experts recently discovered that there is, in fact, a flaw in its security.
To prove this, they even developed a virus.
Mirror said that experts Xeno Kovah and Trammell Hudson created a worm named Thunderstrike 2 which reportedly "can infect Apple's computers without the user ever knowing."
"The worm exploits a vulnerability in Apple's firmware (software behind the operating system) and can be spread through a phishing email or a simple USB stick plugged into a Macbook or iMac," added the same report.
It also noted that the two men are "white hat" hackers who discover possible problems with technology to aid their developers and manufacturers in improving software or solving these issues.
"[The attack is] really hard to detect, it's really hard to get rid of, and it's really hard to protect against something that's running inside the firmware," Kovah said in a similar Wired report.
Kovah is reportedly the owner of firmware security constancy company LegbaCore while Hudson is a security engineer affiliated with Two Sigma Investments.
He added that if infected, users can actually just dispose of their machines because of the severity of the problem.
"Most people and organizations don't have the wherewithal to physically open up their machine and electrically reprogram the chip," he added.
Wired said that the duo will discuss their findings further at the Black Hat security conference set on August 6 in Las Vegas.
But to those who are already excited to know more about this security issue, the two have already uploaded a YouTube video discussing it.
In a MacRumors article, Kovah also explained that people are usually not aware that even small cheap devices can infect their firmware.
"You could get a worm started all around the world that's spreading very low and slow. If people don't have awareness that attacks can be happening at this level then they're going to have their guard down and an attack will be able to completely subvert their system," he added.
Despite the existence of these threats, the experts said Apple has not yet done the right things to fix these problems
"Some vendors like Dell and Lenovo have been very active in trying to rapidly remove vulnerabilities from their firmware," Kovah explained.
Forbes reported that the only possible way for the users to detect attacks like the Thunderstrike 2 is to have a "firmware forensics, a service that isn't on offer to the average user."
It explained that users will have to be familiar with "the basics of chip-level security" to make sure that they are indeed secured.