Apple laptops may be vulnerable to ‘irremovable’ virus

A security expert has found a way to install malicious code on a tiny chip built into Apple laptops which would resist any attempt at removal – even replacing the entire hard disk will not delete it.


The attack, which is being called Thunderstrike, is virtually undetectable and would require an attacker to get access to a machine for mere moments. And because it is new, no security software will even be looking out for it.


Trammell Hudson, who works for New York hedge fund Two Sigma Investments, said that the discovery came about when his employer asked him to look into the security around Apple laptops.


“We were considering deploying MacBooks and I was asked to use my reverse engineering experience to look into the reports of rootkits on the Mac,” he wrote in an annotated version of a talk he gave at the 31C3 conference .


His first step was dismantling one of the laptops to get access to the boot ROM, a small chip which contains the code which gets the computer up-and-running when first switched on, before the main operating system is even loaded.


Malicious code can be hidden in this ROM which, unlike a normal virus which resides on the hard disk, cannot be removed. This is known as a bootkit attack. That code can be made to do anything an attacker wishes, from covertly observing the user to leaking sensitive data held on the machine.


Although previous researchers have found that modifying the contents of the ROM in Apple laptops results in the computer being rendered completely unusable, as security measures look for any changes and shuts down if it finds them, Hudson was able to circumvent these checks and install any code he wished.


He said that these security measures were always “doomed to fail” and “futile” because anyone who can get access to the contents of the ROM can also get access to the code which checks the ROM for changes. Instead, he says, there should be some unchangeable hardware chip which performs the checks.


It was further found that the attack could be made without physically taking the machine apart to get to the chip, simply by using the Thunderbolt port. Theoretically any device – a monitor, hard disk or printer – could be used to install malicious code, just by plugging it in following simple steps.


“Since it is the first OS X firmware bootkit, there is nothing currently scanning for its presence. It controls the system from the very first instruction, which allows it to log keystrokes, including disk encryption keys, place backdoors into the OS X kernel and bypass firmware passwords,” Hudson said.


“It can’t be removed by software since it controls the signing keys and update routines. Reinstallation of OS X won’t remove it. Replacing the SSD won’t remove it since there is nothing stored on the drive.
“Given a few minutes alone with your laptop, Thunderstrike allows the boot ROM firmware to be replaced, regardless of firmware passwords or disk encryption. Thunderstrike in its current form has been effective against every MacBook Pro/Air/Retina with Thunderbolt that I’ve tested, which is most models since 2011.”


Hudson has said that Apple is rolling-out a "partial fix" as a firmware update which would stop the ROM being overwritten with malicious code in some circumstances, but not all - such as when a machine is rebooted with a malicious Thunderbolt device plugged-in. He first approached the company about the flaw in 2013 but says that some laptops are still vulnerable as hackers could trick machines into “downgrading” software to a version that doesn’t include the new fix, then attacking the machine.