Thunderstrike shocks OS X with firmware bootkit Reverse engineer Trammell Hudson has created an attack dubbed Thunderstrike which can quietly, persistently and virally compromise Apple Macs from boot. The Thunderstruck attack uses 35 year-old legacy option ROMs to replace the RSA keys in a Mac's extensible firmware interface (EFI) to allow malicious firmware to be installed …
Have a thumbs-down for totally missing the blatant phishing joke! Simply put, the best and most common way to defeat really good technical defenses is through social engineering. This has been done over and over in all sorts of settings and in many different ways. Of course, you would never, ever fall for something like that... or understand it, for that matter.
"Not so far on my PC with Windows + Secure Boot + Bitlocker + TPM. Zero known successful exploits of that to date."
Same for Macs until this news I believe. Remember that this is a firmware exploit rather than an OS one. Given recent noises being made about UEFI exploits being discovered I believe it's only a matter of time before we see some other PC brands being pwned too. Once you infect the firmware then the OS or disk encryption scheme is of little relevance.
Typical head in the sand comment.
Suppose you're the CEO of an unscrupulous far eastern electronics company, and you have your eyes set on stealing secrets from a certain California-based purveyor of desirable shiny goods, isn't something like this exactly what you're looking for? Said shiny goods company will undoubtedly have thousands of Macs sitting in their offices, containing confidential information on future products etc. They will also have lots of foreign born employees, it would be odd if they didn't. So, all you need to do is get one of your people onto shiny's payroll and slip an infected connector into the workplace, then sit back and wait and see what juicy bits of info you can slurp. Lots of companies use contractors and off-shore developers, so, physical access isn't as difficult as you seem to believe.
A one-off grab of info could be useful, a long-term stream of info is far more valuable.
Another thing to think about. This was developed by a small number of individuals, working on each others disclosed work. Do you honestly believe that unfriendly governments haven't had their teams of hackers working on such techniques?
Just because these people are the first to disclose these techniques, it doesn't mean they are the first to discover, develop and exploit these vulnerabilities.
Many thanks for the supposition, almost as good as a suppository. I don't work on the Eastern rim, and know my environment. And believe me, someone showing up with the TB connector would blow us away, everybody shows up WITHOUT the damn thing.... and we have them in all necessary locations to compensate. SO, if anyone wants into your data bad enough, we/you/everybody are f%cked in any case!
And to be fair, I've re-read the article, and still don't see how they infect the connector? And what level of skill would be needed to pull of this escapade? How is the payload loaded into this connector? And what is the everyday user threat?
Thanks for your reply.
They don't infect the connector yet but a peak inside the cable shows that it wouldn't be hard to construct a cable or any adapter with a malware payload built right in and given how easy it is to find counterfeit parts of premium brands it may not be long before it hits the mean streets. If someone figures out how to infect a legit Apple cable without external modification then screwed will take on a whole new meaning. It seems Semtech is holding the GN2033 chip datasheets pretty close to its chest but that only buys a little time and I would be surprised if the various TLA branches of government weren't actively working on it.
You don't need physical access to the laptop. All you need is access to the projector connector in the meeting room where its owner is going, and a small laminated card saying "Mac users: Sorry, but the projector doesn't hot-plug with Thunderbolt displays. You need to plug in the cable, then restart your laptop"
Just glad our users are issued one, and they don't use others hardware.
Something like this would raise a huge flag with our users:
"Mac users: Sorry, but the projector doesn't hot-plug with Thunderbolt displays. You need to plug in the cable, then restart your laptop"
We're 95% Apple...
How hard would it be to insert this deceive in say a monitor and run it's code on 1st boot? After it's not like a monitor is unplugged all the time and only connected after boot?
The user will see odd things then boot as normal...99.9999% of people a) won't see it because they are doing something, say making a cup of coffee, or b) will just go, ooh that was a bit weird, must of been an update or something...then carry on as normal, as everything is now working correctly.
And is essentially the same sort of exploit as the old Firewire hacks.
Both (along with CardXpress, PCIe etc.) are DMA based interfaces that give the cards/devices plugged into the system direct access to memory. Apple can bring out a patch that excludes the UEFI from the DMA area.
But it still remains a DMA interface, essentially working as intended.
As to AC's Windows setup, there is an exploit there, you going to grab a coffee or to the bog and forgetting to lock your PC, then they can install local malware or copy data off the PC...
"As to AC's Windows setup, there is an exploit there, you going to grab a coffee or to the bog and forgetting to lock your PC"
That is not an exploit though. There is no publically known way of accessing the data on such a PC that is not logged on or of compromising / changing the boot process without a PIN + valid user account.
There is no publically known way of accessing the data on such a PC that is not logged on or of compromising / changing the boot process without a PIN + valid user account.
Keylogger built into the keyboard cable - trivial with a USB-attached separate keyboard.
Your PC is a laptop and the keyboard is built in? Your keyboard cable is physically secured? You didn't say that in your original description.
Drive encryption with the key in a TPM certainly prunes some branches of the attack tree. UEFI Secure Boot prunes some more. That doesn't mean there are no branches left, and AC grandstanding just makes you look foolish.
"Keylogger built into the keyboard cable - trivial with a USB-attached separate keyboard."
Then you would have a pin + user account. The (as far as I can see completely correct) claim above says you can't get access to the such data under Windows WITHOUT a pin + user account.
"Your PC is a laptop and the keyboard is built in? Your keyboard cable is physically secured? You didn't say that in your original description."
It specifically says without a pin + user account. So that would exclude obtaining one. So it means you can't remove the hard drive and somehow access the data, or otherwise subvert the boot process to get access to the data. The only way is to boot and logon.
I've asked this before but nobody answered so I'll give it another shot. There was an earlier exploit with firewire that made use of the protocol's DMA. This exploit was blocked by the addition of a firmware password. Would such a password blocked the Thunderstrike exploit? Does it bypass any control around firmware updating or would it be foiled by such a lock? I seem to remember having to boot from the install media and use a firmware tool to apply the password (was a couple of years ago now).
Anyway, answers on a postcard would be appreciated.
See the link to the annotated presentation ("blog post") in the article.
Thunderstrike works by triggering a firmware update and bypassing the signature check on the SCAP file. During firmware update, the EFI code loads Thunderbolt OptionROM code but doesn't lock the firmware first (as it does for a normal boot). That means the OptionROM code can alter the firmware.
This appears to bypass all firmware passwords and other protection mechanisms.
(Also, the post explains quite clearly how Thunderstrike is different from Thunderbolt DMA attacks and snare's 2012 Thunderbolt OptionROM rootkit. Various too-hasty commentators complaining this is not new should read it. But then if they were smart enough to do that, they wouldn't have posted in the first place, eh?)
As an Apple user I must defend this constant belittling of the company on The Register, and other sites, with regard to security. Apple need to make lots of money, and wasting resources even informing their users about security issues would be negligent in the face of the enormous gains to be made in avoiding paying taxes as an alternative.
Denying there are any security issues with Macs 'just works', and offers better value for money to YOU the paying customers. So just shut up.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
