Who said Mac users’ data is safe and secure? Swedish hacker, Ulf Frisk, recently disproved this myth. He developed a new device which has the ability to hack even Mac operating systems. But is learnt that this hack can be done only when the system is on sleep mode or lock mode. The device is named as ‘PCI Leech - Thunderbolt Port’ and it’s very cheap - priced at around $ 300. With this device, a hacker can steal the victims’ data in just 30 seconds. Mac systems have their own weaknesses as well. They don’t protect the users’ data from ‘Direct Memory Access’ (DMA) attacks before the system starts to boot. Their ‘Extensible Firmware Interface (EFI)’ which is quite similar to Windows BIOS is another issue which stores passwords as plain texts making it easier for hackers to steal. So, this is what made Frisk develop a well-planned hacking device. In addition to getting stored as plain texts, the passwords in Mac will also be stored in multiple locations. This is what makes the attacker easily plug into the DMA and reboot the OS. Once the OS is successfully rebooted, boot’s encryption will be decrypted, enabling the attacker to access the computer without any secure blocks. Frisk mentioned about the device’s working in his blog. He posted, ‘MacOS FileVault2 will let attackers with physical access retrieve the passwords in clear text by plugging my $300 Thunderbolt device into a locked or sleeping mac. The password may be used to unlock the mac to access everything on it. To secure your mac just update it with the December 2016 patches.’ ‘Anyone including, but not limited to, your colleagues, the police, the evil maid and the thief will have full access to your data as long as they can gain physical access - unless the mac is completely shut down. If the mac is sleeping it is still vulnerable,’ he added.
‘Just stroll up to a locked mac, plug in the Thunderbolt device, force a reboot (ctrl+cmd+power) and wait for the password to be displayed in less than 30 seconds,’ he concluded.Users around the world prefer Mac for its security but this vulnerable flaw landed many users in trouble. But, let’s hope the new update of 13 December rectifies this flaw..
