Eindhoven University of Technology researcher Bj├Ârn Ruytenberg stated that a new attack method called Thunderspy could target Thunderbolt ports. Although the attack requires opening the case of the target laptop, it does not leave traces of intrusion and can be performed in just a few minutes.
Thunderspy can bypass device lock screen and even hard disk encryption to provide full access to the computer’s data on Thunderbolt-enabled Windows or Linux PCs manufactured before 2019. The researcher warns that users should not leave their laptops alone with strangers.
Ruytenberg, who plans to present his research at the Black Hat security conference this summer, said, “The only thing that needs to be done for the evil mad attack is to remove the backplate, instantly install a device, reprogram the system software, and reinstall the backplate. The attack can thus gain full access to the laptop. All of this can be done in less than five minutes. ” says.
Ruytenberg’s technique requires the installation of a SPI programmer device with a SOP8 clip, designed to be attached to the pins of the controller to access the Thunderbolt controller. The SPI programmer rewrites the chip’s software and closes the security settings in about two minutes. The attacker can then use another device to change the operating system to disable the lock screen and disk encryption.
While HP indicates that Thunderbolt-enabled computers have DMA (direct memory access) protection, computer manufacturers like Lenovo and Dell warn users not to connect unreliable devices to their computers. Samsung declined to comment on the subject.
Corporate Video Sharing Application Has Screen Recording Feature To Microsoft Stream