When a company claims its products are unhackable or invulnerable, it is like waving a red flag in front of a bull: the claim practically dares security researchers to prove otherwise. Apple previously claimed that Macs were not vulnerable to the same firmware flaws that could backdoor PCs, so researchers showed they could infect Macs with a firmware worm, without physical access, that is so hard to detect and to remove that they describe the result as a "toss your Mac in the trash" situation.
Corey Kallenberg, Xeno Kovah and Trammell Hudson will present “Thunderstrike 2: Sith Strike” at Black Hat USA on August 6. “Although several attacks have been presented against Mac firmware, unlike their PC counterparts, all of them required physical presence to perform,” they wrote in the description of their talk. “Interestingly, when contacted with the details of previously disclosed PC firmware attacks, Apple systematically declared themselves not vulnerable. This talk will provide conclusive evidence that Macs are in fact vulnerable to many of the software only firmware attacks that also affect PC systems. In addition, to emphasize the consequences of successful exploitation of these attack vectors, we will demonstrate the power of the dark side by showing what Mac firmware malware is capable of.”
The researchers previously demonstrated LightEater, a proof-of-concept firmware implant, when they presented “How Many Million BIOSes Would You Like to Infect?” After they revealed that about 80% of PCs have firmware vulnerabilities, Apple claimed Macs did not. Kovah says that is not true; he told Wired, “It turns out almost all of the attacks we found on PCs are also applicable to Macs.” Of the six vulnerabilities the researchers studied, five affect Mac firmware.
Firmware is the first code that runs when a machine is powered on; it initializes the hardware and then loads the operating system. On Apple computers the firmware is an implementation of the Extensible Firmware Interface (EFI). Most people believe Apple products are superior when it comes to security, but the researchers want to “make it clear that any time you hear about EFI firmware attacks, it’s pretty much all x86 [computers].” According to the researchers, infecting Mac firmware from software takes only a few seconds. A Mac infected with Thunderstrike 2 stays infected even if the user wipes the hard drive and reinstalls the OS, because the implant lives in the boot flash chip, not on disk.
Attackers might infect an initial target via a phishing email and a malicious site. From there the malware could “spread automatically from MacBook to MacBook, without the need for them to be networked.” Thunderstrike 2 can even reach air-gapped computers, because it is designed to spread by infecting the option ROM on peripheral devices. The proof-of-concept malware would “be on the lookout for any peripherals connected to the computer that contain option ROM, such as an Apple Thunderbolt Ethernet adapter, and infect the firmware on those,” explained Wired. “The worm would then spread to any other computer to which the adapter gets connected.”
When another machine is booted with the infected device attached, that machine's firmware loads the option ROM from the device, and the worm code in the option ROM writes itself into the machine's boot flash firmware. If a new device containing an option ROM is later plugged into the infected computer, the worm writes itself to that device as well and uses it to spread further.
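Because the worm rides in PCI option ROM images, the practical first check is to dump the option ROM from a peripheral and read what is actually in it. The script below is an added example for this article, not a tool from the Thunderstrike 2 researchers: it walks a PCI expansion ROM dump image by image according to the PCI Firmware Specification layout (the 55 AA signature at the start of each image, the pointer at offset 0x18 to the "PCIR" structure, and the PCIR fields for vendor/device ID, image length in 512-byte units, code type and the last-image indicator bit), flags any bytes sitting beyond the last image, and compares the dump's SHA-256 to a known-good baseline. The ROM bytes it parses are constructed inside the script; the Apple vendor ID is real, the device ID and the sample images are made up.

```python
"""Walk a PCI expansion (option) ROM dump and report every image in it.

Added example for this article, not a tool from the Thunderstrike 2
researchers.  The layout follows the PCI Firmware Specification: each image
starts with the bytes 55 AA, the 16-bit little-endian word at offset 0x18
points to a "PCIR" structure, and that structure carries the vendor/device
IDs, the image length in 512-byte units, the code type (0 = x86 legacy
BIOS, 3 = EFI) and an indicator byte whose bit 7 marks the last image.
The ROM built at the bottom is constructed for the example, not a real
adapter dump; the device ID is made up.
"""
import hashlib
import struct

CODE_TYPES = {0x00: "x86 legacy BIOS", 0x01: "Open Firmware",
              0x02: "HP PA-RISC", 0x03: "EFI"}
PCIR_FMT = "<4sHHHHB3sHHBBH"   # 24-byte PCIR structure, PCI Firmware Spec rev 3 layout


def parse_option_rom(rom: bytes) -> list:
    """Return one dict per image in the ROM; raise ValueError on a malformed chain."""
    images, offset = [], 0
    while offset + 0x1A <= len(rom):
        if rom[offset:offset + 2] != b"\x55\xAA":
            raise ValueError(f"no 55AA signature at 0x{offset:x}")
        pcir = offset + struct.unpack_from("<H", rom, offset + 0x18)[0]
        if pcir + 0x18 > len(rom) or rom[pcir:pcir + 4] != b"PCIR":
            raise ValueError(f"bad PCIR pointer in image at 0x{offset:x}")
        (_, vendor, device, _, _, _, class_code, units,
         _, code_type, indicator, _) = struct.unpack_from(PCIR_FMT, rom, pcir)
        length = units * 512
        if length == 0 or offset + length > len(rom):
            raise ValueError(f"image at 0x{offset:x} claims {length} bytes, ROM has {len(rom)}")
        info = {
            "offset": offset,
            "length": length,
            "vendor": vendor,
            "device": device,
            "class_code": int.from_bytes(class_code, "little"),
            "code_type": CODE_TYPES.get(code_type, f"unknown(0x{code_type:02x})"),
            "last": bool(indicator & 0x80),
        }
        if code_type == 0x03:
            # EFI images carry a second signature (0x0EF1) and a machine type at offset 4
            efi_sig, _, machine = struct.unpack_from("<HHH", rom, offset + 4)
            info["efi_signature_ok"] = efi_sig == 0x0EF1
            info["machine"] = machine
        images.append(info)
        offset += length
        if info["last"]:
            break
    return images


def audit_option_rom(rom: bytes, known_good_sha256=None) -> dict:
    """Parse the ROM, report bytes beyond the last image, compare to a known-good hash."""
    images = parse_option_rom(rom)
    end = images[-1]["offset"] + images[-1]["length"] if images else 0
    digest = hashlib.sha256(rom).hexdigest()
    return {
        "images": images,
        "chain_terminated": bool(images) and images[-1]["last"],
        "trailing_bytes": len(rom) - end,   # data the firmware never loads; worth a look
        "sha256": digest,
        "matches_known_good": (known_good_sha256 is not None
                               and digest == known_good_sha256.lower()),
    }


def build_image(vendor, device, code_type, units, last):
    """Construct a minimal well-formed image for the example (not real adapter firmware)."""
    img = bytearray(units * 512)
    img[0:2] = b"\x55\xAA"
    img[2] = units                           # legacy size field, 512-byte units
    if code_type == 0x03:
        # EFI signature, subsystem 0x0B (EFI boot service driver), machine 0x8664 (x64)
        struct.pack_into("<HHH", img, 4, 0x0EF1, 0x0B, 0x8664)
    pcir_off = 0x1C
    struct.pack_into("<H", img, 0x18, pcir_off)
    struct.pack_into(PCIR_FMT, img, pcir_off, b"PCIR", vendor, device, 0, 0x18, 3,
                     b"\x00\x00\x02",        # class code 0x020000: Ethernet controller
                     units, 1, code_type, 0x80 if last else 0, 0)
    return bytes(img)


# Constructed sample: a legacy x86 image, then an EFI image marked as last, then
# 16 stray bytes after the chain, the kind of thing a baseline comparison should catch.
VENDOR_APPLE = 0x106B                        # Apple's PCI vendor ID; device ID is made up
SAMPLE_ROM = (build_image(VENDOR_APPLE, 0x1234, 0x00, 1, False)
              + build_image(VENDOR_APPLE, 0x1234, 0x03, 2, True)
              + b"\xEE" * 16)

if __name__ == "__main__":
    report = audit_option_rom(SAMPLE_ROM, hashlib.sha256(SAMPLE_ROM).hexdigest())
    for img in report["images"]:
        print(f"0x{img['offset']:05x} {img['code_type']:16s} {img['length']:5d} B "
              f"vid={img['vendor']:04x} did={img['device']:04x} last={img['last']}")
    print("trailing bytes:", report["trailing_bytes"],
          "matches known-good:", report["matches_known_good"])
```

Two caveats apply to any check of this kind. The hash is only as good as the baseline: it has to be taken from a dump made before the adapter was ever attached to an untrusted machine, since a dump taken afterwards simply enshrines whatever is already there. And the script parses the ROM as the device presents it; a peripheral under an attacker's control can serve a clean image to a reader and a different one to the host firmware, so the check raises the bar without settling the question.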
One way to seed infections at random would be to sell infected Ethernet adapters on eBay, or to infect them at the factory.
A week ago LegbaCore published a “bricking demo” video showing a Mac Mini being rendered unbootable due to vulnerable firmware.
The video description reads:
Apple does not follow Intel's recommended best practices for protecting their firmware. Consequently Macs are vulnerable to being disabled in such a way that they can never be made bootable again either by attempting to boot off external media (like a DVD/USB) and reinstalling the OS, or by changing the entire HD/SSD with a known working one. The only way to recover from such attacks is to reflash the SPI flash chip with a known-clean copy of the firmware. This attack does not require physical presence. It can be launched via a remote connection to the system (e.g. SSH/VNC).
Apple was notified about the flaws, though naturally none of them are mentioned in Apple's description of the Mac's Thunderbolt interface and Thunderbolt peripherals. Apple “partially fixed” one Mac EFI flaw in June, but the researchers say the other issues they identified remain unpatched, and that Apple chose not to implement an available protection against one of the flaws, which would have stopped an attacker with code execution inside OS X from rewriting the firmware.
“[The attack is] really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware,” Kovah said. Re-flashing the chip that contains the firmware is the only way to eliminate Thunderstrike 2 malware embedded in the firmware.
On Twitter, Hudson previously asked if you are “vulnerable to the cute kittens of Thunderstrike 2” and his tweet included a picture of a Mac with a cute kitty and a link to “download a cute cat screensaver.”
After their presentation, the researchers intend to release some tools that will “allow users to check the option ROM on their devices, but the tools aren’t able to check the boot flash firmware on machines.” The trio will also demonstrate the attack at Def Con on August 8.