Better start installing that anti-virus.
It widely known that Macs are not prone to viruses – which was partly true in its early days since most attacks are geared towards Windows users since well, more people use them Today, Mac and Windows users are at an even rate and with that, attackers are slowly focusing their sights on the operating system built by Apple.
Today, new type of vulnerability was discovered that can infect a Mac system on a firmware level – meaning it can stay in the system even if you wipe or reinstall OS X. Most viruses nowadays attacks on a software level that can easily be fixed by restoring the system.
The problem is that since the firmware is the one that is infected, there is little to no chance that it can be repaired – which may result with the user having to purchase a new computer. Once the computer is infected, it will also have the ability to infect other computers as well.
A snippet from the report says that, “An attacker could first remotely compromise the boot flash firmware on a MacBook by delivering the attack code via a phishing email and malicious web site. That malware would then be on the lookout for any peripherals connected to the computer that contain option ROM, such as an Apple Thunderbolt Ethernet adapter, and infect the firmware on those. The worm would then spread to any other computer to which the adapter gets connected.
When another machine is booted with this worm-infected device inserted, the machine firmware loads the option ROM from the infected device, triggering the worm to initiate a process that writes its malicious code to the boot flash firmware on the machine. If a new device is subsequently plugged into the computer and contains option ROM, the worm will write itself to that device as well and use it to spread.
One way to randomly infect machines would be to sell infected Ethernet adapters on eBay or infect them in a factory.”
Apple acknowledged these vulnerabilities and will issue software updates in the next couple of weeks.