Home / Series / Chaos Communication Congress / Aired Order / Season 31 / Episode 98

Thunderstrike: EFI bootkits for Apple MacBooks (#6128)

Speaker: Trammell Hudson In this presentation we demonstrate Thunderstrike, a vulnerability that allows the installation of persistent firmware modifications into the EFI boot ROM of Apple's popular MacBooks. The bootkit can be easily installed by an evil-maid via the externally accessible Thunderbolt ports and can survive reinstallation of OSX as well as hard drive replacements. Once installed, it can prevent software attempts to remove it and could spread virally across air-gaps by infecting additional Thunderbolt devices.

English
  • Originally Aired December 29, 2014
  • Runtime 60 minutes
  • Created January 1, 2015 by
    Administrator admin
  • Modified January 1, 2015 by
    Administrator admin