Apple often reminds the users how secure the Mac is but the latest Thunderstrike 2 worm is tarnishing its reputation. The worm expands directly through the ROM and can affect any Mac or through a simple email or by connecting any device either through USB or simply from an ethernet adapter.
Thunderstrike 2 is really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware, says the CEO of Legbacore. Unlike any virus that exist in a PC, the Thunderstrike 2 resides in the firmware.
So the only way to get rid of it is to flash a new firmware. Unless one install the new firmware, the worm resides in the ROM and lives in the system persistently. The development of this worm comes from a research where hackers found a way to get into the firmware of the computer through standard references.
Source Wired