Vilaca has written a script to reflash a Mac's BIOS using functionality contained in userland.
Userland is a boot up part of Mac OS where all applications and drivers are executed.
Vilaca's script works by exploiting vulnerabilities such as those regularly found in Safari and other Web browsers.
Ars Technica says that Vilaca's exploit is more serious than the Thunderstrike proof-of-concept exploit, which was discovered in December 2014.
If the BIOS is writable from userland, then a rootkit can be installed into the BIOS.
Vilaca's exploit targets the Mac BIOS protection known as FLOCKDN.
"It means Thunderstrike-like rootkit strictly from userland," says Vilaca in the blog post.
"The only requirement is that a suspend happened in the current session.
"I haven't researched but you could probably force the suspend and trigger this, all remotely.
"That's pretty epic ownage ;-).
"I'm not sure most users would suspect anything fishy is going on if their computer just goes to sleep."
Macs released after mid-2014 are immune to this kind of attack.
Apple has not yet commented on the vulnerability.
source: www.techworm.net