Macbook Battery Exploits

Recently it’s been discovered that lithium batteries, especially those within Mac computers, can be compromised via a new malware. batteries use microcontrollers to tell the computer that it is full or when it needs to be recharged while also reporting to the OS so that you can be prompted in advance. A man by the name of Charlie Miller has discover that the batteries shipped within most macbooks have their firmware default password exposed. This leaves anyone that tries the ability to hack your battery.

Miller says has found multiple things that can be done once you are within the battery. He found that by entering multiple wrong passwords you can “brick” a battery. He also saw that if the hacker wanted to they could make the battery explode. The final and most interesting exploit that was discovered was that a hacker could in fact place malware on that could remain on the device even when you try to reinstall the OS. Other methods such as replacing the hard drive and re-flashing the BIOS will also not remove the infection.

The act of actually getting to the microcontroller does take some work however. Also to attack the batter would require another vulnerability between the chip and the operating system. However as Miller said in his one comment,” that is not much of a barrier.”  The article with this information is in fact about 1 and 1/2 months old so I must assume that a fix has been found however, it is kind of scary how anything with a microcontroller can be altered. Also in a apple forum post the topic was brought up and one comment mentioned their aluminum models that have sealed batteries and how they are gonna be in big trouble if the exploit still exists within those computers.

http://www.securityweek.com/hacking-laptop-batteries

http://forums.appleinsider.com/showthread.php?threadid=128882

Advertisements

4 thoughts on “Macbook Battery Exploits

    • yea that seems like a temporary fix however being unable to update the firmware could probably cause some major problems for you

    • The three that were listed in the original post were Apple Macbooks, Macbook Pros and Macbook Airs. So I assume it is only the laptops and not the desktops that have have the exploit.

Comments are closed.