Posted by: David Harley | August 4, 2015

Thunderstrikes twice…

There seems to be plenty of advance publicity around for the forthcoming briefing at Black Hat by Trammell Hudson, Xeno Kovah, and Corey Kallenberg on the updated Thunderstrike – see the abstract Thunderstrike 2: Sith Strike.

Randy Knobloch brought to my attention a comprehensive Wired article Researchers Create First Firmware Worm That Attacks Macs by Kim Zetter, making the apposite point that:

“People hear about attacks on PCs and they assume that Apple firmware is better,” Kovah says. “So we’re trying to make it clear that any time you hear about EFI firmware attacks, it’s pretty much all x86 [computers].”

Graham Cluley, for Intego, suggests that Thunderstrike 2 Firmware Worm Proves Apple Needs a Bug Bounty, while Ars Technica comments that “Thunderstrike 2” rootkit uses Thunderbolt accessories to infect Mac firmware: New version of the exploit can spread via e-mail and infected Web sites.

David Harley

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: