It has been long reported and advertised that Macs are superior to PCs when it comes to computer security and are invulnerable to virus attacks.
However, the security researchers have developed a malware that can spread from one Mac to another and renders them unprotected from attacks.
The worm in question is called Thunderstrike 2, a sequel to the previous Thunderstrike.
Thunderstrike used to bring damage to Mac computers when an infected Thunderbolt accessory plugs into the computer. However, Apple came to the rescue and fixed the problem rather quickly.
While Thunderstrike needs physical access to the computer in order to do its damage, the newly developed worm Thunderstrike 2 can infect remotely.
Thunderstrike 2 can be spread to computers through bad links, and once the link is downloaded, it can affect other connected accessories that employ Option ROM.
With an infected accessory, any Mac that uses that accessory will also get infected.
According to Wired, Thunderstrike is of concern because it primarily targets the firmware Extensible Firmware Interface (EFI).
When malware infects at firmware-level, it would be difficult to detect the problem because most anti-malware and anti-virus services only check the RAM.
It would also be difficult to remove the worm from the firmware unless a person re-flashes the chip manually, as stated in the reports.
The researchers behind the worm, Xeno Kovah of LegbaCore and Trammell Hudson of Two Sigma Investments, used Apple's Thunderbolt to gigabit ethernet adapter to demonstrate how the worm can infect the device.
But according to them, a hacker can also attack the option ROM using an external SSD or via a RAID controller.
Since there are currently no security services that check up on option ROM, attackers can simply transfer the worms to different machines without the risk of getting caught.
Kovah and Hudson will discuss more on their findings at the upcoming Black Hat conference in Las Vegas on Aug. 6.
