At the last congress in Hamburg Chaos Computer vulnerability was demonstrated by means of which we can rewrite the Mac firmware. Note that this is done with a Thunderbolt built-in device, which is equipped with all modern computers, without exception.
Hack is called Thunderstrike and uses modified to attack computer code stored in a read only memory or ROM. Extends it with the help of devices connected via Thunderbolt. Being connected to the computer, it quietly rewrites poppy firmware.
Such a method of computer hacking is not only impossible to detect, but it also can not be easily removed – reinstall OS X is unable to remove the infected code firmware. Furthermore, Thunderstrike also stores information on the disc, so drive the replacement will not result. Thus, the “cure” Mac only replacement firmware, known as EFI. However, this would require special equipment, as regular methods to update the firmware again fail.
As the specialist, who discovered the vulnerability, Apple is aware of the potential problem and has already implemented some changes in the new Thunderbolt interface Mac mini and iMac display Retina 5K. However, these solutions while offering only partial protection and can still be overcome. In addition, Apple has yet to protect the rest of poppies, equipped with Thunderbolt.
The only solace for owners of Apple computers may be the fact that the attacker always need immediate access to your Mac to infect it. Also, nothing is known of such cases that have already taken place, although it is questionable security guarantee. [9to5Mac]