Hackers Can Get into Millions of PCs Due to Thunderbolt Flaws
%2Favatars%2Fbs4H99bMLD3P.jpg&w=96&q=75)
%2Fimg%2Fiea%2FrV6n0JlZOX%2Funtitled-design-2020-05-11t133016814.jpg&w=3840&q=75)
PCs manufactured before 2019 are becoming the targets of hackers as they have flaws linked to Intel's Thunderbolt.
Hackers need to get their hands on the physical computer or device, but once they do, it only takes them five minutes to get into them with a technique called Thunderspy.
The information was first reported by Wired.
SEE ALSO: 7 COUNTRIES HAVING THE MAJORITY OF HACKERS
Thunderbolt and Thunderspy
As per Wired's report, security experts had previously warned that if a computer is left with a hacker for mere minutes, it should be considered compromised.
Now, a new demonstration led by Björn Ruytenberg, a researcher at the Eindhoven University of Technology in the Netherlands, shows how a physical attack by a hacker can be pulled off just by using a very common component found in millions of PCs: the Intel Thunderbolt port.
Ruytenberg demonstrated the attack method, which he named Thunderspy, which bypasses the login screen, as well as the hard disk encryption of a sleeping or idle Linux PC or Windows computer manufactured prior to 2019, in order to gain complete access to the device's data.
This new technique leaves no trace of intrusion and can be completed in under five minutes. That said, the attack usually requires a screwdriver, as the hacker needs to first open the computer physically.
According to experts, this new technique opens another avenue in what security experts call an "Evil-Maid-Attack." This type of attack is when hackers breach a computer, which has no easy software fix aside from entirely disabling the Thunderbolt port, as per Ruytenberg.
"All the evil maid needs to do is unscrew the backplate, attach a device momentarily, reprogram the firmware, reattach the backplate, and the evil maid gets full access to the laptop," explained Ruytenberg. "All of this can be done in under five minutes."
It sounds worryingly simple, and Ruytenberg plans on presenting his Thunderspy study this summer at the Black Hat conference in more detail.
In the meantime, you can view the researcher's method of hacking into a PC in his demo, here:
SHOW COMMENT (1)
/2023/05/26/image/webp/6Co80ZJJXboUOYLXIuCvkafLsBWpH8MROKX60PUF.webp "Hyper-luxury Bugatti tower will have its residents drive up to their floor")
/2022/08/24/image/jpeg/AeKXo1p1gWH6TLmmFHLgJmaL0myPefpt8yA0QtOt.jpg "A novel membrane desalination approach may provide potable water from seawater")
/2023/03/24/image/png/K9oj1voZEaFCD46qxQ4fJbZ0Dqp6ueyAJt5LMRtT.png "Next-generation space superfood inspired by Japan’s aging population")
/2022/10/02/image/jpeg/ys53vttMvjsAGvf0iCorWnGWQqTAIk9AS2vu977m.jpg "‘Let’s build the ring’: How a 360-degree image posted on Facebook inspired an ambitious sci-fi film")
/2023/05/10/image/jpeg/5BHjchvXNwDN4XCyNfXdE4NEmeVaDCGRXX5pWAFq.jpg "Reimagining the double-slit experiment: Time as a new dimension for the control of light")
/2023/05/27/image/jpeg/hUmy6fVQvimxfN8HBZ2IjrGKW1f8AVmrkTi3wPtJ.jpg "Stanford professor says he is 100% sure that aliens are already on Earth")
/2023/05/26/image/jpeg/smTFO3AG7ESAzCi8L0kVnrUEHbVmcjiZ2KhVW0QE.jpg "Potential cure for diabetes found in groundbreaking stem cell study")
/2023/06/03/image/jpeg/MwGIp61b2PM577qboU4pfCmoiPEju8IbV9fCHbx8.jpg "Hawking was right: All large objects will eventually evaporate")
/2023/06/03/image/jpeg/LJsTJ6HYfeZoh6Hlc4JLiP05g8ykKNa1WXClqVwX.jpg "Scientists detect the breath between atoms")
/2022/11/26/image/png/2muGBhdpLHKNGuE57pCWvo0PJGj2EtTvg8RZDcoq.png "These next-generation engineered bacteria can detect water contaminants in real time")