Evil Maid Attack
The attack is an evil maid, replacing the boot code on the computer.
His research involves infect Apple EFI (Extensible Firmware Interface) firmware using the externally accessible Thunderbolt ports.
Since the boot ROM is independent of the operating system, reinstallation of OS X will not remove it.
Nor does it depend on anything stored on the disk, so replacing the harddrive has no effect.
A hardware in-system-programming unit is the only way to restore the stock firmware.
In simpler words, an attacker can replace the ROM of the machine, with one of their own.
Neither the OS, nor any hardware mechanism perform any sort of check.
The code can only be removed with an in-system hardware gear.
Apple has not commented on this story.
We will update this article as and when they do.
source: www.techworm.net
