14 DAY TRIAL // Without any formal announcement, it appears that Apple has bought the company responsible for creating an exploit that could permanently infect Mac firmware.
First revealed at the 31C3 security conference at the end of 2014, the Thunderstrike exploit used a vulnerability in Thunderbolt ports to infect the firmware of Apple devices.
The exploit was extremely dangerous since it was also wormable, meaning it could spread from computer to computer if they were connected via their Thunderbolt ports.
The attack was later expanded in August 2015, when LegbaCore researchers created a more dangerous exploit in the form of an unremovable bootkit that infected Apple's Extensible Firmware Interface (EFI - the successor to BIOS firmware interface), making permanent changes.
Apple approached LegbaCore last summer
According to a MacRumos investigation, it appears that LegbaCore's founders, Xeno Kovah and Corey Kallenberg, were approached by Apple after their Thunderstrike 2 presentation from last August.
Apple apparently asked them to collaborate on "some very interesting and highly impactful work." Soon after that, the two started to wind down all of their existing contracts, and in November 2015, they put their website on ice, announcing they would not be accepting any new collaborations.
The researchers dropped hints about the acquisition all over social media
Since then, Mr. Kovah has continued to drop hints on Twitter about his new "full-time job" at Apple and his work on "low level security."
At last year's 32C3 conference, Trammell Hudson, the researcher who discovered the Thunderstrike attacks dropped hints about the acquisition in his presentation.
It is not uncommon for companies to hire security researchers who hacked them. The last to do so is MacKeeper, a Mac security firm that hired independent security researcher Christ Vickery after he found that one of the company's databases was leaking private information for 13 million users.
As we were having discussions with Apple in the wake of our presentation this summer... — Xeno Kovah (@XenoKovah) November 10, 2015
...it became clear that Apple had some *very* interesting and highly impactful work that we could participate in — Xeno Kovah (@XenoKovah) November 10, 2015
interesting (and no-doubt unexpected) fact: today was @coreykal and my first day as full time employees of Apple! — Xeno Kovah (@XenoKovah) November 10, 2015