Thunderstrike 2 worm demonstrates major vulnerabilities for Mac users

Apple MacBook Gold 2015 hero
Bill Roberson/Digital Trends

For years, Apple computers had a reputation for being impervious to viruses. While that was never completely true, the fact that there were fewer Macs out there to infect meant that fewer exploits were developed to target such systems. Now, Macs are far more popular than they once were, and as such they’re a far bigger target for the coders who create malicious software.

Now, a team of researchers have managed to create the first firmware worm than can attack Mac computers, according to a report from Wired. Security engineer Trammell Hudson has built upon his earlier work in discovering the Thunderstrike exploit to put the concept into execution.

A firmware worm is a particularly devious type of malware, because it can take control of the system’s update processes. Once a computer’s firmware is infected, it becomes very difficult to remove the offending software — and even if you do manage to get rid of it, there’s a chance it will be able to reinstall itself regardless.

Hudson is referring to the worm as Thunderstrike 2, and unlike its predecessor, it has a variety of methods of infecting systems. It can be transmitted via an email or a suspicious website, or it can stow away in the ROM of various peripherals in order to move from one computer to another.

Hudson and Thunderstrike 2 co-creator Xeno Kovah have already shared the results of their work with Apple. However, the company has only taken care of one of the five vulnerabilities that makes the exploit possible. The worm has been created in the hopes of making Macs more secure, so hopefully it’s just a matter of time before Apple can take care of the rest of the issues that this project raises.