Skip to main content

They come when you sleep — backdoor that operates in sleep mode opens permanent vulnerability in OSX

new mac vulnerability format malware2
Remember the good old days where, worst comes to worst, you just formatted the drive and you knew it was clean, fresh and ready for an OS installation without anything else on there? Good times, but that’s all in the past now, as it turns out a new vulnerability for Apple’s OSX has been found capable of avoiding deletion during a format or OS refresh, making it one of the more resilient hacks out there.

The vulnerability, which according to its discoverer, has been around for more than a year, allows the nefarious individual behind it to take control of the machine, and even grants them the ability to flash the BIOS on the system, thereby making it possible  to re-write the system’s POST code. That means that even if you clean your HDD or SSD out entirely, it can just become re-infected the second you boot it up, as per Ars.

Related: Can Macs get viruses and malware? We ask an expert

What makes this issue so problematic is that it could be bundled with other, already-existing malware in order to make them effectively invincible to traditional software and manual cleaning methods.

The good news, however, is that Apple’s late 2014 systems all seem to have had this vulnerability fixed. Even so, Apple hasn’t done anything about those systems that were sold before that time. That could be its way of trying to keep a lid on the problem, hoping that no one would discover — and thereafter exploit — it. If so, that is some pretty hefty wishful thinking, leaving people vulnerable to persistent attacks from remote actors.

For those of you who have a pre-mid-2014 Mac and wish to protect yourselves from this security flaw, the only real advice that can be offered — until Apple releases its own fix — is to not allow your system to sleep, as that’s when it becomes vulnerable to attack via this particular exploit.

Editors' Recommendations