Some Apple Macs have a particularly terrible flaw that lets hackers sneak in and remain undetected, a security researcher has found.
It means a hacker could -- from far away -- force a Mac into a coma. Personal, corporate or government Macs could be spied on in a way that even the best security checks wouldn't discover -- until it's way too late.
'This is scary,' said Sarah Edwards, a forensic analyst at the SANS Institute who specializes in reviewing computers for evidence of hacks. 'I would never see this. There could be funky stuff going on in the computer system, and I would never know why.'
What makes this one so bad? It's a computer bug that runs especially deep in the machine.
All computers have some kind of basic input/output system (BIOS), the core program that brings a machine to life. It's the kind of thing you should never tamper with. And it should obviously remain heavily guarded.
But Macs purchased one year ago or before, apparently, leave a door open.
When a Mac goes into sleep mode and wakes back up, it allows direct access to the BIOS. It's a weird quirk that lets someone tamper with the code there. That's what was discovered recently by Pedro Vilaça, a curious independent computer security researcher in Portugal.
He revealed this vulnerability publicly in a blog post last Friday. He told CNNMoney he alerted Apple directly soon thereafter.
Apple (AAPL) did not respond to questions about this flaw -- nor would it say when it plans to release an update to fix it.
Several cybersecurity experts confirmed to CNNMoney that this is a real problem, and they plan to research further in the next few weeks.
This isn't an easy hack. An attacker first needs administrative access to a machine. But what this means is that if a Mac gets hacked with a low-level computer virus, it can bury so deep you'll never find it.
That's the real problem here. It gives hackers more time to plot a massive bank heist or a huge corporate takedown, like the Sony Pictures hack.
So, who's in real danger? High-value targets: think company executives, bankers, politicians, the wealthy, journalists, or anyone else worth spying on for a long period of time.
The average Mac user doesn't have to worry about this one, because they're actually susceptible to cheaper, easier hacks -- that are easier to spot and fix. So says Katie Moussouris, an executive at HackerOne, which helps companies fix dangerous computer bugs.
Tod Beardsley, a security research manager at cybersecurity firm Rapid7, stressed that most Mac users aren't likely to get hacked because of this bug. He said the flaw is 'certainly surprising ... but the bar of difficulty is pretty high.'
This is the second major flaw in Apple devices discovered in the last week. Recently, people discovered that you can crash someone's iPhone simply by sending it a text message.
Vilaça decided not to name this bug. But every major computer flaw nowadays deserves a name. Given that it involves a poisonous kiss that wakes a sleeping Mac, Moussouris suggests this one: Prince Harming.
Twitter accounts belonging to Joe Biden, Bill Gates, Elon Musk and Apple, among other prominent handles, were compromised on Wednesday in what Twitter said it believes to be an attack on some of its employees with access to the company’s internal tools.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter’s support team said late Wednesday.
The attackers posted tweets that appeared to promote a cryptocurrency scam.
The accounts, along with those of former President Barack Obama, Kanye West, Kim Kardashian West, Warren Buffett, Jeff Bezos and Mike Bloomberg, posted similar tweets soliciting donations via Bitcoin to their verified profiles on Wednesday.
“Everyone is asking me to give back, and now is the time,” Gates’ tweet said, promising to double all payments to a Bitcoin address for the next 30 minutes. All the tweets were subsequently deleted.
“Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers,” Twitter said. “We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.”
In a tweet on Wednesday, CEO Jack Dorsey said it was a “tough day for us at Twitter.”
“We all feel terrible this happened,” Dorsey said. “We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.”
A little more than an hour after the attack began, Twitter apparently moved to prevent holders of verified accounts from tweeting. Non-verified accounts could still tweet, however.
Around 8:30 pm ET, roughly three hours after Twitter first said publicly that it was investigating the apparent hack and a little more than two hours after it shut down tweeting for some accounts, Twitter said the majority of accounts had been restored to full functionality.
“Most accounts should be able to Tweet again. As we continue working on a fix, this functionality may come and go,” Twitter said. “We’re working to get things back to normal as quickly as possible.”
The company said it is still investigating the breach and what other data may have been compromised.
“We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.”
The sheer number of prominent accounts impacted made it arguably the biggest security incident in Twitter’s history. A hack like this is particularly concerning not just because of any financial scam that can be run, but because so many world leaders use Twitter — and some, like President Donald Trump, use it to announce major policy decisions. A hack that took over an account belonging to one of those leaders could have devastating consequences.
Last year, Dorsey’s account was hacked, raising concerns about whether any account on the platform can truly avoid being compromised. The mechanism by which that hack occurred was fixed by Twitter after Dorsey’s hack and there’s no reason to believe it is to blame here.
A campaign aide for Biden said Twitter “locked down” his account immediately. “We remain in touch with Twitter on the matter,” the aide added.
“We can confirm that this tweet was not sent by Bill Gates,” a spokesperson for Gates told CNN Business. “This appears to be part of a larger issue that Twitter is facing. Twitter is aware and working to restore the account.”
Asked whether it was concerned about the President’s account potentially being affected, or whether it was in touch with Twitter about the issue, the White House declined comment.
The first Bitcoin wallet featured in some of the tweets only became active on Wednesday, Tim Cotten, a Bitcoin researcher, told CNN Business. In the hours immediately after the wallet’s identification number was posted to Twitter, it received more than $100,000 worth of Bitcoins through hundreds of transactions, Cotten said.
Some of that Bitcoin was then transferred to other wallets, he added.
The apparent scam has also caught the attention of the FBI.
“We are aware of today’s security incident involving several Twitter accounts belonging to high profile individuals,” the FBI’s San Francisco field office said in a statement. “The accounts appear to have been compromised in order to perpetuate cryptocurrency fraud. We advise the public not to fall victim to this scam by sending cryptocurrency or money in relation to this incident.”