This post originally appeared on Business Insider.
Apple has hired two security researchers who previously worked on viruses targeting Mac computers.
LegbaCore founder Xeno Kovah revealed on Twitter in November that he and his partner, Corey Kellenberg, had been hired by Apple to do “low level security.” The move went unnoticed until another security researcher revealed it during a presentation at a security conference in December.
LegbaCore was best known for developing a proof-of-concept virus-worm hybrid called Thunderstrike 2 that targeted Mac computers. The worm that Kovah developed was able to spread from MacBook to MacBook, even if the computers were not connected to the Internet.
“[The attack is] really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware,” Kovah told Wired in July.
Kovah’s worm virus was the first to attack Macs at the firmware level, according to Wired, which means it targeted the software that boots up before the computer’s primary operating system, OS X. It’s a valuable kind of attack because it usually can’t be detected by antivirus and other security software.
After Thunderstrike 2 installed itself on a target’s computer, it could spread to certain peripherals, such as a Apple-branded Thunderbolt Ethernet adapter, which would then spread the virus to other Macs it was plugged into.
But instead of exploiting their findings or selling it to the highest bidder, Kovah and team notified Apple of the vulnerabilities, which have since been fully patched. Although Apple does not pay “bug bounties” to researchers for finding security problems, the high road seems to have worked out for the founders of LegbaCore.
See also: A Huge Security Flaw has Been Discovered in Apple Devices
