Categories: Technology

New hack exploits Thunderbolt vulnerabilities, put millions of PCs at risk

Share

Security researchers recently confirm a vulnerability that takes advantage of Thunderbolt ports in many personal computers.

The hack only takes a couple of minutes to execute. However, hackers need to have physical access to the target computer to execute it.

Security experts simply call it Thunderspy. The attack takes advantage of an unsecure Intel Thunderbolt ports that are commonly found in many personal computers. The researchers note that PCs manufactured before 2019 are prone to this new attack.

What are the targets

Bjorn Ruytenberg is the Dutch security researcher that first reported the vulnerability. He claims that he can pull off the hack in just a matter of minutes, as long as he has a physical access to the device.

Thunderbolt ports are some of the most common ports found in many personal computers. The hack can be executed on both Windows and Linux operating systems, as long as they have a Thunderbolt port.

In a statement, Mr. Ruytenberg says:

“All the evil maid needs to do is unscrew the backplate, attach a device momentarily, reprogram the firmware, reattach the backplate, and the evil maid gets full access of the laptop.”

There are different kinds of approach in executing the hack. The hardest of which requires opening the backplate of the laptop in order to deliver the payload.

The scariest part of the hack is that it is completely untraceable. Though the hacker needs to have physical access to the target device, the entire hack can be execute without any trace of intrusion.

The vulnerability

Security researches have long been doubtful about the security features of the Thunderbolt port. This particular port provides high-speed data transfer. However, it opens up a lot of vulnerabilities to the device.

One of the main reasons why the Thunderbolt port is fast is due to the fact that it gives direct access to the computer’s memory. This leaves a lot of vulnerabilities for malicious users to exploit.

Last year, a group of security researchers presented a hack known as Thunderclap. The hack can completely bypass all security measures by simply plugging a compromised device into a Thunderbolt port.

As a security precaution, experts recommend that users take advantage of a feature they call “security levels.” This feature does not allow untrusted devices to access the port.

In order to mitigate these hacks, Intel launch a security project it calls Kernel Direct Memory Access Protection. This feature does provide additional security measures for the Thunderbolt port. However, it would appear that it is still no enough.

Image courtesy of Mk2010/Wikimedia Commons

Yen Palec

Published by
Yen Palec

Recent Posts

How can a digital currency futures exchange be considered legal?

With the hotness of the cryptocurrency market, more and more people want to make a…

3 hours ago

DeHive partners with LVT Capital

DeHive has, recently, entered into a partnership with LVT Capital. This is a major partnership…

4 hours ago

Dogecoin (DOGE) briefly dethrones XRP as the world’s 4th biggest cryptocurrency

Like a dog that just got out of a cage, the excitement being shown by…

8 hours ago