A new exploit dubbed ‘Dark Jedi’ exists for MacBook systems created before mid-2014, where a hacker can issue a malicious program to overtake the system’s firmware by simply having the system be put in sleep mode. Upon waking from sleep, the firmware on these older Macs is unlocked, which leaves them open to access and modification from applications running in OS X. This contrasts with the recent Thunderstrike firmware vulnerability that allowed hackers to overtake firmware, but required physical access to the system. Since this current vulnerability is run by way of malicious software, systems can be attacked remotely by uses of trojan horse and other social engineering approaches, but this also provides an avenue for protection. Continue reading
Tag Archives: Thunderstrike
Which Macs were affected by Thunderstrike?
The Thunderstrike exploit that affected a number of Mac systems with Thunderbolt ports, and gave an attacker with physical access to the system the ability to overtake the system’s ROM with a maliciously crafted Thunderbolt device. This attack was outlined by security researcher Trammell Hudson, and has been fixed in OS X 10.10.2, so for those who are concerned about their systems being vulnerable, this update should address the problem. Continue reading
Apple issues 10.10.2 update and security updates
Apple has released the awaited 10.10.2 update for OS X Yosemite, bringing a number of fixes for outstanding stability bugs and security issues, including some long-standing problems with Thunderbolt (aka “Thunderstrike”) that could allow an attacker with physical access to a machine the ability to overtake the system’s through a firmware hack. Continue reading