Trammell Hudson, a researcher from New York, is going to demonstrate a highly persistent bootkit attack on Apple MacBooks at the Chaos Communication Congress, to be held in Germany this year. The presentation will include a demonstration of installing persistent firmware modifications into the EFI boot ROM of a MacBook. An attacker with physical access to the machine can infect it with little effort. Key features:

The bootkit can be installed easily via the Thunderbolt port that exists on MacBook devices.

It remains active even after re-installation of OS X and replacement of the hard drive.

It prevents software attempts to remove it.

It can spread virally across air-gaps via the Thunderbolt ports of other devices.

It uses SMM, virtualization and other techniques to hide itself from detection.

Apple MacBooks Vulnerable

The highly persistent nature of this attack comes from the fact that there are neither hardware nor software cryptographic checks of the firmware's validity at boot time. Once the malicious code has been flashed to the ROM it controls the system from the very first instruction, and because it resides in the ROM rather than on disk, it survives replacement of the hard drive and re-installation of the operating system. The malicious code is written to the SPI flash ROM on the motherboard, which creates a new class of firmware bootkits for MacBook systems. The write is achieved by using a Thunderbolt Option ROM to circumvent the cryptographic signature checks in Apple's EFI firmware update routines.

The proof of concept also replaces Apple's public RSA key in the ROM. After that, the firmware update routine only accepts images signed by the attacker, so nobody can change the key again without the attacker's consent, i.e. the attacker's signature.

Hudson adds, "Additionally, other Thunderbolt devices' Option ROMs are writable from code that runs during the early boot and the bootkit could write copies of itself to new Thunderbolt devices. The devices remain functional, which would allow a stealthy bootkit to spread across air-gap security perimeters through shared Thunderbolt devices. While the two-year-old Thunderbolt Option ROM vulnerability that this attack uses can be closed with a few-byte patch to the firmware, the larger issue of Apple's EFI firmware security and secure booting without trusted hardware is more difficult to fix."
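To make the key-replacement point concrete, the following toy model is an added example written for this article; it is not Hudson's code and not Apple's updater. It assumes a made-up ROM layout (magic, embedded RSA public key, code body), an update routine that trusts whatever key is currently in the ROM, a "flash via Option ROM" path that writes the ROM with no check at all, and textbook RSA with small well-known primes and no padding (insecure, illustration only). It shows why a ROM write that swaps the key locks out the vendor's own updates while still accepting the attacker's, and the one check a defender can still make on a ROM dump: compare the embedded key's fingerprint with a known-good value.

```python
"""Toy model of a firmware updater that trusts the RSA key embedded in the boot ROM.

Added example, not code from the article or from Apple's firmware. All key
material, the ROM layout and the update routine are constructed assumptions.
"""
import hashlib

ROM_MAGIC = b"ROM1"          # assumed header marker for the toy ROM image


def rsa_keypair(p, q, e=65537):
    """Textbook RSA from two primes (toy: tiny, unpadded, insecure)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)


def build_rom(pubkey, body):
    """Serialise: magic | n (8 bytes) | e (4 bytes) | code body."""
    n, e = pubkey
    return ROM_MAGIC + n.to_bytes(8, "big") + e.to_bytes(4, "big") + body


def rom_pubkey(rom):
    """Read back the key the firmware would trust from a ROM image or dump."""
    if rom[:4] != ROM_MAGIC:
        raise ValueError("not a toy ROM image")
    return int.from_bytes(rom[4:12], "big"), int.from_bytes(rom[12:16], "big")


def _digest_int(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data, privkey):
    n, d = privkey
    return pow(_digest_int(data, n), d, n)


def verify(data, sig, pubkey):
    n, e = pubkey
    return pow(sig, e, n) == _digest_int(data, n)


def apply_update(current_rom, new_rom, sig):
    """Vendor-style update path: only accepts images signed with the key in the CURRENT ROM."""
    if not verify(new_rom, sig, rom_pubkey(current_rom)):
        return None  # rejected
    return new_rom


def flash_via_option_rom(new_rom):
    """Bootkit path: early-boot Option ROM code writes the SPI flash directly, no signature check."""
    return new_rom


def key_fingerprint(pubkey):
    n, e = pubkey
    return hashlib.sha256(n.to_bytes(8, "big") + e.to_bytes(4, "big")).hexdigest()


def rom_key_is_trusted(rom_dump, known_good_fingerprint):
    """Defender check: does the key in a dumped ROM still match the vendor's published one?"""
    return key_fingerprint(rom_pubkey(rom_dump)) == known_good_fingerprint


def scenario():
    # Constructed keys: "vendor" and "attacker" (small known primes, toy only)
    vendor_pub, vendor_priv = rsa_keypair(104729, 1299709)
    attacker_pub, attacker_priv = rsa_keypair(999983, 1000003)
    known_good = key_fingerprint(vendor_pub)

    rom = build_rom(vendor_pub, b"EFI firmware v1 (constructed body)")
    v2 = build_rom(vendor_pub, b"EFI firmware v2 (constructed body)")
    v2_sig = sign(v2, vendor_priv)
    results = {
        "clean_rom_key_trusted": rom_key_is_trusted(rom, known_good),
        "vendor_update_on_clean_rom": apply_update(rom, v2, v2_sig) is not None,
    }

    # Infection: the bootkit image carries the attacker's key and is written without any check
    rom = flash_via_option_rom(build_rom(attacker_pub, b"bootkit (constructed body)"))
    evil_v2 = build_rom(attacker_pub, b"bootkit v2 (constructed body)")
    results.update({
        "vendor_update_after_infection": apply_update(rom, v2, v2_sig) is not None,
        "attacker_update_after_infection":
            apply_update(rom, evil_v2, sign(evil_v2, attacker_priv)) is not None,
        "infected_rom_key_trusted": rom_key_is_trusted(rom, known_good),
    })
    return results


if __name__ == "__main__":
    for name, ok in scenario().items():
        print(f"{name:34s} {ok}")
```

The model captures the two facts from the paragraph above: the updater's signature check is only as strong as the key it reads from the ROM, and a write path that bypasses the updater (here `flash_via_option_rom`) lets the attacker choose that key. Comparing the key fingerprint in a ROM dump against a known-good value still works as a detection check, but only if the dump itself is trustworthy, which a bootkit hiding in SMM can undermine.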