Company Macs Apple Lossless Audio CODEC (ALAC), they are sold with a dangerous vulnerability that allows hackers to compromise them and install malware in them right from the moment of setup. At the Black Hat conferences in the US, several computer security researchers demonstrated a method by which a new Mac can be compromised right from the moment of initial setup, if it connects to a Wi-Fi network.
We are talking about an attack directed against Macs sold to companies that use an Apple product management software, MDM, which has a dangerous vulnerability. Everything is based on the fact that a Mac of this kind connects to Apple's servers at the first startup to ask for information on how it should be set, and that way it can be exploited.
Macs Are Sold With a Dangerous Vulnerability
If that Mac is connected to a compromised Wi-Fi network, then a hacker can perform a man-in-the-middle attack to direct the Mac to install malware instead of Apple-recommended applications. Normally, a Mac controlled by the MDM system installs a series of special applications upon first setup, after connecting to Apple's servers, and hackers can force them to install malware.
"When a Mac turns on and connects to Wi-Fi for the first time, it checks in with Apple's servers essentially to say, "Hey, I'm a MacBook with this serial number. Do I belong to someone? What should I do?" If a hacker could lurk somewhere between the MDM vendor's web server and the victim device, they could replace the download manifest with a malicious one that instructs the computer to instead install malware."
Hackers can force Macs to install any kind of malware to control that Mac remotely, or just to steal user data without them knowing. Apple is certainly aware of this problem with the MDM system for Macs, and since it has been officially demonstrated, it will most likely be resolved soon.
