A security researcher has uncovered a flaw in Mac computers that could allow the installation of rootkit malware. The simple fix for now? Don’t use sleep mode on your Mac.
Picture by Benjamin Nagel
Pedro Vilaca found that on Macs released prior to mid-2014, resuming the machine in sleep mode makes it potentially vulnerable to an exploit known as Dark Jedi, which allows rootkit software to be installed into the machine’s firmware. That’s the kind of attack that if successful can even survive reformatting of the machine, and it appears it can be executed remotely.
While the details of the attack are complex, Vilaca’s advice for avoiding it is much simpler: “Do not let your computer sleep.” Now that the attack has been publicised, it’s likely Apple will eventually update the relevant firmware — but until that happens, avoiding sleep mode is a much simpler solution.
The Empire Strikes Back Apple – how your Mac firmware security is completely broken [Reverse Engineering Mac OS X via Business Insider]