Why Using Sleep Mode On Your Mac Leaves It Vulnerable To Attacks

Why Using Sleep Mode On Your Mac Leaves It Vulnerable To Attacks

A security researcher has uncovered a flaw in Mac computers that could allow the installation of rootkit malware. The simple fix for now? Don’t use sleep mode on your Mac.

Picture by Benjamin Nagel

Pedro Vilaca found that on Macs released prior to mid-2014, resuming the machine in sleep mode makes it potentially vulnerable to an exploit known as Dark Jedi, which allows rootkit software to be installed into the machine’s firmware. That’s the kind of attack that if successful can even survive reformatting of the machine, and it appears it can be executed remotely.

While the details of the attack are complex, Vilaca’s advice for avoiding it is much simpler: “Do not let your computer sleep.” Now that the attack has been publicised, it’s likely Apple will eventually update the relevant firmware — but until that happens, avoiding sleep mode is a much simpler solution.

The Empire Strikes Back Apple – how your Mac firmware security is completely broken [Reverse Engineering Mac OS X via Business Insider]


  • My advice: sleep mode is convenient, so use it in more secure locations such as at home or when the Mac is close by, and shut it down in transit.

Comments are closed.

Log in to comment on this story!