When we consider malware or security vulnerabilities, we believe that failure may be in some components of the software, such as vulnerabilities in the operating system. However, a group of researchers has just found weakness in one of the best and most versatile connectors on the market.
We are thinking about Thunderbolt, the Intel device that in its new update uses USB Type C as a connector, of which Apple has talked by using it as the only port on their laptops. It is currently being used by millions of machines, and all those fabricated before 2019 are susceptible to a Thunderspy strike.
This is how the researcher from Eindhoven University of Technology named Björn Ruytenberg, where machines operating Windows or Linux before 2019 (and several subsequent versions) want a loophole that helps them to circumvent the login monitor of the device, even encode the disk and render access to the data difficult.
The assault involves the use of a screwdriver to enter the interior of the machine to briefly attach the system and change the software, so it has the benefit that it leaves no trace and can be used for machines that are left unattended for a while (in the hotel, for example) or for stolen machines. The SPI programmer with the SOP8 chip just needs to link it to the console and rewrite the whole memory. You will see the entire cycle in this picture.
Other threats in the history, such as Lightning bolt, have rendered it possible to circumvent all conductor protection controls that could be solved through setting up a machine through disabling the link to unknown computers, or through disabling the connector and turning it to a basic USB or DisplayPort. The issue is that Thunderspy also helps you to circumvent the security by changing the software responsible for port management and pressuring the device to allow it to be linked.
Therefore, the only way to protect yourself from this attack is to disable the Thundebolt port from the BIOS if your computer is one of those affected by this attack.
Comments
Post a Comment