OFFICIAL SECURITY BLOG

How serious is Thunderstrike?

Published January 19th, 2015 at 10:59 AM EDT , modified January 29th, 2015 at 4:54 AM EDT

A few weeks ago, Trammell Hudson demonstrated a way to permanently infect a Mac’s firmware using an exploit involving the Thunderbolt port on recent Macs. There has been a lot of excellent information written about this, such as Rich Mogull’s Thunderstrike article in TidBITS. Although I can’t really provide any additional information, I can at least give readers my own perspective.

First, it’s important to understand what Thunderstrike is. It is an exploit in which a malicious Thunderbolt device, such as a modified Thunderbolt Gigabit Ethernet adapter, is connected to the target Mac. The attacker simply connects the malicious device, reboots the computer, and that’s it… the firmware has been modified. Worse, the modification can be made in such a way that it would be very hard to detect, and would be impossible to reverse through ordinary firmware updates.

Obviously, this is a very tempting method to use for “evil maid” attacks, in which a malicious person has temporary access to your computer. However, another aspect of this exploit means it could spread virally. A theoretical Thunderstrike virus could infect any Thunderbolt devices connected to a compromised Mac. Thus, such a virus could spread through infected Thunderbolt devices that get shared between computers.

Fortunately, there are no known Thunderstrike exploits in the wild. Of course, that doesn’t necessarily mean anything, since such an exploit would take time to be detected, and would probably be used sparingly. Apple has fixed the issue in the hardware of some recent Macs, and is reportedly working on a firmware update to fix it in older Macs.

However, that firmware update would not provide full protection, as an attacker could potentially perform an additional step to downgrade the firmware, then install the exploit. This means that any Macs with vulnerable hardware will continue to be vulnerable, regardless of firmware updates. The only way to prevent such an exploit on a vulnerable Mac would be to modify the hardware somehow (voiding the warranty) or to maintain tight control of the machine to prevent any untrusted Thunderbolt devices from being connected.

Most people will never be affected by any Thunderstrike exploits that end up appearing in the wild. However, in certain situations, you simply cannot predict whether a Thunderstrike attack might be used. Remember that there are two possible scenarios:

  1. Unmonitored physical access to the computer by a malicious individual
  2. Restarting the computer while connected to an infected Thunderbolt device

For example, if you have to hand over your laptop in customs while traveling, a malicious customs agent could easily install an exploit. In the second case, if you connect to something like a shared Thunderbolt projector, you could potentially end up infected by a future Thunderstrike virus. It’s very unlikely that these situations would lead to an exploit at this time, but not impossible, and it may become more likely in the future.

My advice would be to keep your Mac close, or locked up in a safe environment, at all times. If your home is not a safe environment, due to a malicious roommate or hostile spouse or relative, take it with you any time you leave. If you plan to travel internationally, don’t take a Thunderbolt-equipped Mac with you. Find an older Mac without Thunderbolt, put what you need for your travels on it and take that instead. If you need to leave a Mac unattended in a hotel room, lock it up somehow, either in a locking case or in the hotel safe. Do not connect it to unfamiliar Thunderbolt devices, or if you must do so, be sure not to restart the computer while such a device is connected.

Some people have suggested putting epoxy in the Thunderbolt ports. This is not a solution I would recommend, since it will permanently ruin those ports. Still, for people in high-risk positions who are okay with destroying part of their computer’s hardware, this would be one option. It’s important to understand, though, that such a technique does not nullify other threats involving physical access, such as potential access to any unencrypted data on the hard drive.

It’s important to remember that Thunderstrike is just the latest threat to your security, and just as the danger of this threat should be neither over- nor under-stated, it’s also important to remember to be vigilant against other threats. Keep in mind that you are the biggest weak point in your computer’s security, and knowing what the threats are and how to avoid them is a big part of staying safe.

Updates

Tuesday, January 27, 2015 @ 3:30 pm EST: Mac OS X 10.10.2 has been released by Apple. Supposedly, this update contains a fix for the Thunderstrike vulnerability, and also prevents rollback of the firmware in order to install Thunderstrike on older, vulnerable firmware. Unfortunately, I’m relying entirely on third-party reports for this information, as Apple’s security updates page still has no information about the update. (That’s an annoying habit Apple has gotten into lately… that information has consistently lagged behind the availability of the updates.)

I have sent an e-mail to Trammell Hudson to get his opinion on this update. I’ll add more here when I know more.

…a little later: Apple has posted the information about Security Update 2015-001, and Trammell Hudson has gotten back to me. He reports in an update in the FAQ on his Thunderstrike page that this update does indeed prevent the Thunderstrike attack, though he also points out that the documentation makes no mention of the supposed rollback prevention feature that some media outlets have talked about. Is it there, but just undocumented, or were the folks writing for those media outlets smoking something? Unknown at this point.

Thursday, January 29, 2015 @ 5:00 am EST: A detail I didn’t notice before: the update that fixes the Thunderstrike vulnerability was only made available for machines running Yosemite. Vulnerable Macs running older versions of Mac OS X remain vulnerable! If you have a Mac with Thunderbolt and an older system, it would be wise to upgrade to Yosemite as soon as you can, if you are able to.

28 Comments

  • Grant says:

    On which units has Apple fixed this issue already, do you know? Is there a security bulletin we could look at?

  • Patrick Mele says:

    Thanks for the heads up Thomas, I have a question (it might be silly) regarding my Mac, i.e. while traveling, when it’s turned off and not in sleep mode, can others attack my laptop via the Thunderbolt port? If true, I will get an external Kensington lock to be safe. Thanks Thomas in advance…

    • Thomas says:

      Yes, all it takes is plugging in a device and restarting (or turning on) your computer. Unless there’s an external lock that covers the Thunderbolt ports, that won’t help. If there is such a lock (I couldn’t find one on Kensington’s site), then I’d love to know about it!

  • mysterian says:

    why not stop the Thunderbolt kexts from loading?

    • Thomas says:

      It’s not that simple. This exploit relies on behaviors that occur before any software loads… it’s a hardware issue, and even a firmware upgrade won’t fix it unless Apple does something to make it impossible to downgrade the firmware.

  • Grant says:

    I can’t remember if setting a firmware password will prevent someone from updating the firmware without knowing the password. Is this a possible measure you could use to mitigate this threat?

    • Thomas says:

      Setting a firmware password will not affect this. The exploit can still be applied even with a firmware password in place.

      • Grant says:

        Thanks for confirming this. I suspected this but I haven’t had to apply a firmware update as of yet, so thought I’d check.

  • El Aura says:

    I always like to be creative in finding solutions. My initial instinct would be to physically sabotage the computer such that it cannot boot. To be practical it would need to be reversible without too much effort. But of course, any method I can think of, any attacker could be thinking of as well. And the increasingly closed and ‘soldered’ nature of Macs doesn’t make this exactly easy.

    So, at the risk of spoiling these solutions, here are some fun ideas:
    (1) Unplug whatever can be unplugged on the motherboard that prevents booting. Replug with a thin cellophane foil such that it looks plugged in. Bonus points if one could add a way to restore the contact via a tiny mechanism that could be operated from outside the Mac, not requiring opening it.
    (2a) Replace the TB port with a mechanically modified one that prevents contact from being made but includes a mechanical element that re-enables it (if you want to be mean, modify it such that any TB device plugged in gets fried).
    (2b) Even better, modify it such that with a tiny mechanical adaptor put onto the TB plug, functionality is restored.
    (3) On two-TB-port Macs, mechanically modify the ports so that half of the contacts are routed to one port and half to the other, such that a custom adaptor that plugs into both ports restores functionality (the need for active cables with TB probably makes that very difficult if not impossible); (2b) is probably much more likely to be feasible.
    (4) Add super glue such that anything plugged in cannot be removed anymore without leaving visible marks, but find a method to remove the super glue without destroying the computer.

    (Feel free to delete or not publish this comment, if any of the above might be feasible enough to be actually worth it.)

    • Thomas says:

      Interesting ideas, but a bit impractical. If anyone actually had the expertise to modify the hardware of their machine in the manners that you suggest, they would also be able to do as Trammell Hudson said in the following document and modify a couple of bytes in the ROM to disable support for the Option ROM that causes the problem:

      https://trmm.net/Thunderstrike_31c3

  • Jay says:

    When I travel I have my MacBook Air on me; it never leaves my sight except when TSA runs it through the x-ray machine at the security checkpoint. Since I learned about Thunderstrike this definitely made me nervous. If anyone is likely to exploit a vulnerability like this, it is power-hungry organizations like the TSA and other government branches. I don’t believe I am being watched, am on a list of any kind or am a target. No conspiracy theory stuff here 😉 Just another citizen. However, being just a regular citizen is all you need to be to have government agencies and corporations around the world collect data on you in every which way they can. Just because I value my privacy I take precautions to protect it. In the case of my travels earlier this month I purchased a cheap 3rd party Thunderbolt cable, sawed off the connector to make it sit flush with the edge of my MacBook Air and basically blocked the Thunderbolt port. Then the plug was filled up carefully with clear nail polish. It’s in there tight and nothing can be plugged in. It takes a while to get the plug out carefully with tweezers; doing this at a TSA checkpoint would take long enough to raise suspicion. Once the travels are done, I take the plug out and leave it out. A hassle? Yeah, it takes a good 15-20 minutes to get the plug out. Worth it for the peace of mind? I believe so.

  • sobeiski says:

    BIOS password anyone?

  • JP says:

    Will Apple’s imminent Thunderstrike patch disinfect previously infected systems?

    • Thomas says:

      That’s difficult to say, since there is still no known Thunderstrike malware in the wild. However, if there is some that we don’t know about yet, it depends on what that malware does. As Trammell Hudson points out, malware using the Thunderstrike vulnerability could “lock the door behind it,” preventing any further changes from being made to the firmware without the right cryptographic key, or physical access to the computer’s innards in order to re-flash the firmware by hand.

  • Manfred says:

    OS X Yosemite 10.10.2 has just been released, and it includes the fix for this issue:

  • Timothy B says:

    Thunderstrike is just one type of EFI/firmware exploit that Macs are susceptible to.
    Apple has not done a very good job of dealing with these types of bootkit issues.

  • leftblank15 says:

    Is this just like the fix to the thumb-drive “Evil Maid” exploit, that was supposedly fixed by Apple in Yosemite 10.10.2?

  • Ofelia says:

    How would you know if you had some sort of Thunderstrike infection?

    • Thomas says:

      You wouldn’t… that’s what makes it so dangerous. Fortunately, Thunderstrike infections are still theoretical, and no Thunderstrike malware has been spotted in the wild.

      • Ofelia says:

        Regarding the “you wouldn’t” bit: Well, damn it. But if you run Yosemite, you should be okay?

        • Thomas says:

          If you have updated to 10.10.2, specifically, you should be okay. The firmware update that fixed the vulnerability was part of 10.10.2.

          • Timothy B says:

            >The firmware update that fixed the vulnerability was part of 10.10.2
            Maybe I am reading the Apple security notes wrong, but my reading is that the firmware contained in 10.10.2 only patches the firmware on certain hardware. Anything other than MacBook Pro Retina, MacBook Air (Mid 2013 and later), iMac (Late 2013 and later), Mac Pro (Late 2013) still has vulnerable firmware by my interpretation.

            “CPU Software

            Available for: OS X Yosemite v10.10 and v10.10.1, for: MacBook Pro Retina, MacBook Air (Mid 2013 and later), iMac (Late 2013 and later), Mac Pro (Late 2013)

            Impact: A malicious Thunderbolt device may be able to affect firmware flashing

            Description: Thunderbolt devices could modify the host firmware if connected during an EFI update. This issue was addressed by not loading option ROMs during updates.

            CVE-ID

            CVE-2014-4498 : Trammell Hudson of Two Sigma Investments”

          • Al Varnell says:

            My interpretation would be that none of the others were capable of loading option ROM during updates, were never vulnerable and did not require an update.

  • Timothy B says:

    @Al Varnell I don’t have any independent knowledge or experience concerning firmware hacking, so I can just base my interpretation on the info that is available (i.e. the Apple security notes and Trammell Hudson’s disclosure). Hudson states that the issue is exploitable in every “MacBook Pro/Air/Retina with Thunderbolt that I’ve tested, which is most models since 2011.”
    So, if the Apple fix only offers protection for hardware after ~2013, then it would seem that there may be quite a few machines left without a fix.