Hackers and security researchers have reportedly discovered two exploits that can be used to jailbreak and hack into Mac computers and MacBook devices. According to Forbes, the exploits leverage a flaw in the read-only memory of Apple’s T2 security chip, making the vulnerability virtually unpatchable.
According to Forbes, security researchers state that this security flaw leaves user data exposed to hackers and other malicious attackers.
Tech Radar reveals that the flaw affects Apple’s T2 security chips, which have been in use since 2018, when the tech giant switched to using them in all of its devices.
While exploiting user data and devices is relatively complex, two exploits initially used for jailbreaking and hacking into iPhones revealed that it is possible to break into the T2 chips used by Apple.
The two exploits in question are checkm8, also known as checkra1n, and Blackbird. Both have previously been used to jailbreak iOS-powered devices.
Exploits on Mac computers and MacBooks are possible because they leverage the A10 chip, which is also found in the iPhone X, reveals Forbes.
In a statement, Mahit Huilgoi said, “The exploit is called checkm8 and was developed initially for iPhone X. Interestingly, the iPhone X is powered by A10 processor, and the T2 chip is also modeled after the A10 processor. Typically, the T2 chip throws a fatal error whenever it gets a decryption call.”
“However, the attackers can circumvent the check with the help of a blackbird vulnerability. The worst part is that sepOS/BootROM is Read-Only memory, which means Apple will not be able to patch this without changing the hardware,” continued Huilgoi, notes Forbes.
The exploits have reportedly been making waves on Twitter and Reddit after they were tested and confirmed by Apple security researchers and jailbreaking experts, notes ZD Net.
Tech Radar shares that in order to bypass the chip and exploit a Mac or MacBook, the computer or laptop in question must be connected to a USB-C cable, with the checkra1n software run during boot-up.
Doing so reportedly allows the attacker to gain access to the Device Firmware Update (DFU) without requiring authentication, giving the threat actor complete control of the device.
ZD Net states that since the T2 security chip is a hardware concern, the only way to deal with attacks is to reinstall BridgeOS.
Despite repeated requests for comment on the issue, Apple has yet to make a statement.