Apple acquired firmware security company LegbaCore in November 2015 as per security researcher Trammell Hudson. The researcher revealed this information during his presentation at the 32C3 conference in December last year. This is the same company that had worked with Hudson on the first worm for Macs to affect their firmware, Thunderstrike 2.
After the acquisition, LegbaCore had updated its website to announce that it will not be accepting any new customers.
What did Apple hire us to do? We can’t say. 🙂 Well, we can probably say something like “low level security” (I don’t know our job titles)
— Xeno Kovah (@XenoKovah) November 10, 2015
Thunderstrike 2 was the first of its kind firmware worm for Macs that were almost impossible to remove. The worm could easily bypass any updates to the system, or even reinstall itself at will, thereby making it incredibly dangerous. Apple had promised in August last year that it would fix the Thunderstrike 2 exploit as soon as possible, and it looks like its solution was to hire one of the teams that worked on the exploit itself.
LegbaCore does not own any specific technology and is just a security consultancy firm, but it is likely that their work with Thunderstrike 2 impressed Apple thereby leading the company to acquire them. Apple will probably use the expertise of the security firm to improve the low-level firmware on Macs and iOS devices.[Via MacRumors]