A New, Undetectable Threat to Your Mac – Understanding the Risks of Thunderstrike

Mac virusMany consumers still assume that Macs are immune to network viruses – this is a common misconception and it’s just not true.

There’s a wide array of malware and viruses out there that can affect Mac computers, and the latest one is an especially huge threat: it’s nearly impossible to detect and remove.

A New Threat

A virus known as Thunderstrike has been discovered by security researcher Trammel Hudson who found that he could replace a MacBook’s Boot ROM by plugging a modified adapter into the laptop’s Thunderbolt port. The Boot ROM is the very first piece of code that runs on a computer when you turn it on, so if it gets replaced by a virus it would be unable to be detected by anti-virus software or virtually any other security features. Currently, there’s nothing in the OS X that can scan for Thunderstrike’s presence.

The bug controls the system from the time it first enters and can log keystrokes, including disc encryption keys, place backdoors into the OS X kernel and bypass firmware passwords. It can affect any MacBook Pro, Air or Retina that has a Thunderbolt port.

Protect Yourself

Apple is trying to develop a fix to prevent criminals from loading viruses into Macs via the Thunderbolt port. Unfortunately, until a fix is found, there’s not a lot consumers can do to protect themselves. There’s no software that can remove it since the bug controls the signing keys and update routines. Likewise, reinstallation of OS X won’t get rid of it, nor will replacing the SSD since there’s nothing stored on the drive.

The best protection possible is to keep an eye on your computer at all times.

Don’t leave your Mac unattached in public places or hotel rooms where someone could get the opportunity to plug a virus-infected adapter into your port. Even with Apple’s fix, your computer isn’t always completely safe. With a bit more effort, someone interested in messing with your computer can take it apart and get access to your boot ROM directly.

Understand the risks facing the sensitive personal and business data stored on your Mac, and keep yourself safe. For more information on Thunderstrike or other security solutions for your technology, contact Slivertip IT at cslade@silvertipit.com, or reach out to us directly by phone at (425) 998-9199.

IT Support Companies in Seattle
 
CLIENT FEEDBACK

“I can’t emphasize enough how much we rely on and trust the IT professionals from Silvertip IT. Silvertip is always available when needed, whether remotely, in our office, or over the phone.  We can rely on Silvertip IT whether it’s during office hours, evening hours, or on weekends. And believe me, we needed them because before they we found Silvertip we had our share of IT issues!”

-Shimizu and Shimizu CPA
read more»