Intel Security Release MacOSX New Detection Tool For EFI Rootkits

Intel Security has released a new tool for making sure your MacBook isn’t vulnerable to one of the many exposed techniques.

According to the tranche of documents, the CIA had developed an EFI (Extensible Firmware Interface) rootkit for MacBooks. The rootkit, called DarkMatter, would replace the BIOS on a MacBook and run malicious code. Rootkits are pretty advanced pieces of malware, designed to avoid detection. Inter Security published the scanner to help users identify if they are affected. The scanner is a module for CHIPSEC, Intel’s framework for analyzing PC security.

“EFI firmware malware is a new frontier for stealth and persistent attacks that may be used by sophisticated adversaries to penetrate and persist within organizations and national infrastructure for a very long time. Use open-source CHIPSEC to defend from this threat and stay safe,” said the company.

The update from Intel comes just a couple of days after Apple issued a note to users stating that it has resolved many of the bugs and vulnerabilities that had emerged from the CIA document dump. Intel’s move will provide another fix to the wide array of issues that have cropped up since WikiLeaks published the data.

The whistleblower organization added later in the week that it would not publish details about the CIA’s zero-days — bugs that have yet to be discovered by the software’s developers — until it has alerted the developers to patch the bug, thus providing at least a little more protection for users.

%d bloggers like this: