Sleeping Macbooks Vulnerable to Remote Hacking, Says Research

June 11, 2015, By Sanjeev Ramachandran

Shortly after the penetration of the 8-letter code bug into iOS devices, Apple is facing yet another cryptic issue. This time it is with their Mac devices.

OSX security researcher Pedro Vilaca has come up with the finding that Mac devices can be remotely hacked without even the owner aware of it.

The security flaw deals with only those Macbooks that were shipped before the half-way period of 2014. It involves the opening up of gate for remote hacking attacks when these machines are put to sleep mode.

Apple-Macs-vulnerability

It’s also been cited that the attack could be employed to hack even government or corporate Macs, and not just the personal ones. The vulnerability remains open even if the user opts to format the entire drive.

Vilaca explains that when these devices are put to sleep mode, BIOS protection (FLOCKDN) in the devices gets unlocked, following which a remote hacker could alter the EFI (extensible firmware interface) making way for malicious attacks.

The storage of BIOS codes in flash memory rather than in hard drives sustains the vulnerability even if the user gets the hard drives replaced.

Vilaca, who was able to re-flash Macs BIOS code, however, was not able to do the same for devices that were manufactured after the mid-2014 period.

MacBook Pro Retinas and MacBook Air also remained resilient to the attacks. The reason was that these devices ran the latest EFI from Apple.

The possible suggestion from the researcher is that you keep your Macbook settings changed to prevent the device from entering sleep mode.

Even if it’s not done, he explains that there lies only remote chances for an attack, and that’s due to the complexity involved for these hackings when carried out on mass scale.

© 2008-2012 DeviceMag.com - All rights reserved | Privacy Policy