There seems to be plenty of advance publicity around for the forthcoming briefing at Black Hat by Trammell Hudson, Xeno Kovah, and Corey Kallenberg on the updated Thunderstrike – see the abstract Thunderstrike 2: Sith Strike.
Randy Knobloch brought to my attention a comprehensive Wired article Researchers Create First Firmware Worm That Attacks Macs by Kim Zetter, making the apposite point that:
“People hear about attacks on PCs and they assume that Apple firmware is better,” Kovah says. “So we’re trying to make it clear that any time you hear about EFI firmware attacks, it’s pretty much all x86 [computers].”
Graham Cluley, for Intego, suggests that Thunderstrike 2 Firmware Worm Proves Apple Needs a Bug Bounty, while Ars Technica comments that “Thunderstrike 2” rootkit uses Thunderbolt accessories to infect Mac firmware: New version of the exploit can spread via e-mail and infected Web sites.
David Harley
Leave a Reply