| Thread Tools |
13th May 2020, 08:39 | #1 |
[M] Reviewer Join Date: May 2010 Location: Romania
Posts: 153,575
| Thunderbolt enables hackers hard drive access All Thunderbolt-enabled PCs manufactured before 2019 affected Vulnerabilities discovered in the Thunderbolt connection standard could allow hackers to access the contents of a locked laptop’s hard drive within minutes, according to an insecurity researcher from the Eindhoven University of Technology. Wired reports that the vulnerabilities affect all Thunderbolt-enabled PCs manufactured before 2019. Although hackers need physical access to a Windows or Linux computer to exploit the flaws, they could theoretically gain access to all data in about five minutes even if the laptop is locked, password protected, and has an encrypted hard drive. The entire process can be completed with a series of off the shelf components costing just a few hundred dollars. Most worryingly, the researcher says the flaws cannot be patched in software, and that a hardware redesign will be needed to completely fix the problems. Apple’s Macs have offered Thunderbolt connectivity since 2011, but researchers say that they’re only “partially affected” by Thunderspy if they’re running macOS. The result, the report claims, is that macOS systems are vulnerable to attacks similar to BadUSB. This is a security flaw that emerged back in 2014 which can allow an infected USB device to take control of a computer, steal data, or spy on a user. Björn Ruytenberg, the researcher who discovered the vulnerabilities, has posted a video showing how an attack is performed. In the video, he removes the backplate and attaches a device to the inside of a password-protected Lenovo ThinkPad laptop, disables its security, and logs in as though he had its password. The whole process takes about five minutes. https://fudzilla.com/news/50809-thun...d-drive-access |
Thread Tools | |
| |