Petronella Blog Archive

Most Macs Have a Permanently Open Backdoor

If your Mac is more than a year old, it's vulnerable to an attack that allows hackers to put malware on it that will survive usual fixes like reformatting your hard drive or reinstalling the operating system.

If a Mac goes into sleep mode, as all Macs shipped prior to 2014 do, a hacker can reflash the BIOS from userland, the part of the OS where drivers and applications are executed. The hacker can then use regular vulnerabilities in browsers to install firmware that lives on past any sort of recovery effort. The attack works because protections are down after a machine wakes up from sleep mode.


The cyberattack isn't likely to be widely exploited; rather, it might be used in targeted attacks, even though it's not a terribly difficult one to carry out. One solution is to change the settings in the operating system to prevent the computer from going into sleep mode. There is also software that advanced users can install to compare their firmware files against Apple's. Available here, the software won't prevent the attack, but it will let you know if you're a victim.
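
The sleep-mode setting mentioned above can be audited from a terminal. The following is an added example, not part of the original post: it assumes the text layout printed by macOS's `pmset -g custom` and lists the power profiles whose idle sleep timer is still non-zero. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag power profiles that still allow idle sleep.
# Expected input (layout of `pmset -g custom`): a "<Profile>:" header line,
# followed by indented "key value" lines for that profile.

sleep_enabled_profiles() {
    awk '
        # A non-indented line ending in ":" starts a new power profile.
        /^[^ \t].*:$/ { profile = $0; sub(/:$/, "", profile); next }
        # "sleep" is the idle sleep timer in minutes; 0 means disabled.
        $1 == "sleep" && $2 ~ /^[0-9]+$/ && $2 != 0 {
            print profile " (sleep=" $2 " min)"
        }
    '
}

# Constructed sample in the same layout, so the check also runs off a Mac.
sample_pmset_output() {
    cat <<'EOF'
Battery Power:
 lidwake              1
 displaysleep         2
 sleep                10
 womp                 0
AC Power:
 lidwake              1
 displaysleep         10
 sleep                0
 womp                 1
EOF
}

if command -v pmset >/dev/null 2>&1; then
    # On a Mac: audit the real settings.
    pmset -g custom | sleep_enabled_profiles
else
    # Elsewhere: run against the constructed sample.
    sample_pmset_output | sleep_enabled_profiles
fi

# To set the idle sleep timer to 0 for every profile: sudo pmset -a sleep 0
```

An empty result means no profile has an idle sleep timer set. The check covers only that timer, not sleep triggered manually or by closing a laptop lid.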