Apple’s Macs and OS X have traditionally been viewed as a safer, more secure alternative to Windows, but researchers have proven that’s not the case. Security experts created a worm that attaches itself to a Mac’s firmware and remains there no matter what.
Ahead of a presentation on this type of attack, researchers created a proof-of-concept worm that can stealthily burrow itself into a Mac’s firmware. It’s then impossible to remove without re-flashing the device’s firmware, which can be difficult and is only for those who really know what they’re doing.
The real threat is that previous attacks of this nature required physical access to the machine, but this attack can be delivered remotely by tricking the user to click on a malicious link. A silent, almost undetectable attack that’s nearly impossible to get rid of could spell disaster for many users.
Luckily Apple is already on the case and has patched one of the vulnerabilities that’s being exploited, while the second one is being worked on as we speak. The latest version of OS X (10.10.4) seems to no longer be vulnerable to these types of attacks, so make sure to upgrade quickly.
Source: Wired