1 posts tagged with ccc.
Displaying 1 through 1 of 1. Subscribe:
Thunderstrike - firmware bootkit for Macs
At 31C3 I presented Thunderstrike (1 hour video), an proof of concept exploit against an EFI security vulnerability that allows an attacker to write possibly malicious code in the boot ROM of MacBooks via the Thunderbolt port. The bootkit can be easily installed by an evil-maid or border-crossing agent given a few minutes alone with the laptop, regardless of firmware passwords or disk encryption, and can survive reinstallation of OSX as well as hard drive replacements. Once installed, it can hide from attempts to detect it, prevent software attempts to remove it and spread virally across air-gaps by infecting additional Thunderbolt devices. [more inside]
Page:
1