Thunderstrike 2 - a new "Trojan horse" for the Mac, which is difficult to detect

edition of Wired published a study two "white" hackers who managed to discover a new worm for the Mac. The threat was called Thunderstrike 2 and has an important feature - it is practically impossible to detect. Moreover, to get rid of the malware can exclusively on special equipment.

The virus enters the computer via the peripheral device. Basically it is a variety of adapters, and Ethernet-adapter. The last is particularly popular with owners of modern ultrabooks or Mac, which have no special output for Internet cable. Due to the fact that such systems is very weak defense, they are easier to infect with malware rather than the operating system itself OS X with more serious protection.

Due to the fact that the virus gets on the chip itself, and not the operating system, get rid of it in the usual OS updates or antivirus programs will not work. Moreover, the user will not even know about the infection as long as the computer is carried out the attack. To calculate the threat should be checked on a special computer software. When you connect the adapter to the other infected computers, the virus will be pumped to them.

What is interesting, previously similar virus found on computers of Iranian and Russian officials. The virus is kept in the "iron", which means that the usual anti-virus software to detect it could not.

As Apple has not responded to the problem report. However, about six months ago, it was found a threat, when the virus was transmitted to a computer using a Thunderbolt cable. Then the threat received Thunderstrike name and was resolved within a few weeks. It seems that this time Apple promptly correct the problem. Otherwise, users with infected computers will not be easy: find the equipment to eliminate the virus would be difficult and expensive.

(via)