As lowendmac in February 2018 reported, the Thunderstrike Mac Malware had been patched in 10.10.2, but it effectively has to be checked as some users and Macbook (Pro) models "never had the protective EFI updates installed". I am wondering which other best-practices are there to check for EFI infection and other Malware on OSX.
I am specifically searching for self-verifiable things (not third party program), such as lists of known malware, EFI checksums and shell scripts.
Is there actually some USB-ISO to test if the EFI is okay?
Best Answer
There are several tools available from Howard Oakley’s site that I would recommend that you look at.
SilentKnight – a new generation with fully automatic security checks
silnite – a command tool which performs the same checks as SilentKnight
LockRattler – a quick check of your security systems
Those three tools can be found at https://eclecticlight.co/lockrattler-systhist/.
All are available for free.
He has other free tools which can all be found linked to https://eclecticlight.co/downloads/.
I realize these are 3rd-party tools, but they are also the best ways that I know of to actual accomplish your goal of checking to make sure things are up-to-date.