Security researcher Trammell Hudson recently demonstrated at the Chaos Communications Congress in Germany that a Mac can easily be hacked via its own Thunderbolt port.
Hudson is well-known in the community and showcased that he could easily infect Macintosh computers using a special kind of malware, via the computer’s Thunderbolt port.
A recent article on Mashable stated that Hudson gave a gist about how a bootkit-like custom code could penetrate via the Thunderbolt port with great ease, taking complete advantage of the Thunderbolt flaw.
Thunderstrike takes advantage of the Thunderbold Option Flaw, which was first disclosed on 2012, but is presently a proof-of-concept. The custom codes are not yet in the wild, so you may not get infected, just as yet.
An attacker can take advantage of the flaw and render your Mac machine bricked. On the other side, if infected, it could pass on the infection to other devices connected to the Thunderbolt port and spread like a virus. The code exploits the flaw to write a new code to the boot. It can also replicate itself across the network.
The scarier part is that the code is a separate ROM in itself and the attack cannot be stopped by reinstalling the OS or even swapping the hard drive.
Hudson stated that regular users need not worry as the code is not yet available to everyone and it is only a proof-of concept for now.
Apple has taken this seriously and has already patched the Mac Mini and iMac with Retina Display. The code cannot exploit your Mac via downloads or software or virus. In order to hack into your Mac, the attacker would need to gain physical access to your machine.
For a complete detail on the vulnerability, read here. Also watch the video on Hudson’s research below.
