Apple Hires Founders of Firmware Security Company LegbaCore

November 2015 saw Apple quietly hired the founders of LegbaCore, the company who, along with researcher Trammell Hudson, discovered the first firmware worm to affect Macs in Thunderstrike 2.

While the hiring of LegbaCore founders Xeno Kovah and Corey Kallenberg has been reported as an acquisition by some news outlets, it is also possible the pair simply shut down their company, in order to join Apple. The company reportedly owned no valuable IP or tangible assets.

The pair revealed in November that they had joined Apple as full-time employees, and just a few days before that, a post on the LegbaCore website revealed the company would “not be accepting any new customer engagements,” although the website would remain up “to serve as a reference for LegbaCore’s past work.”

The company first gained notice when it worked with researcher Hudson on the Thunderstrike 2 worm, the first of its kind to affect Mac computers. The malware is impossible to remove via both firmware and software updates. The team alerted Apple to the vulnerability, and Apple issued a fix in June 2015.

Apple expressed interest in hiring the minds behind LegbaCore during communications about the Thunderstrike 2 vulnerability, said Kovah, who tweeted about it back in November:

The “acquihire” of Kovah and Kallenberg should prove useful to Apple as the Cupertino firm continues to work to improve the security of their Operating Systems, firmware, and applications.

Chris Hauk

Chris is a Senior Editor at Mactrast. He lives somewhere in the deep Southern part of America, and yes, he has to pump in both sunshine and the Internet.