• About
  • Advertise
  • Careers
  • Contact
Monday, March 20, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Security

Any PC Manufactured Before 2019 Is Vulnerable To ‘Thunderspy’ Attack

by Cyber360 News
May 11, 2020
in Security
0
Any PC Manufactured Before 2019 Is Vulnerable To ‘Thunderspy’ Attack
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

Björn Ruytenberg, a security researcher from Eindhoven University of Technology, has revealed that all the PCs manufactured before 2019 could be hacked, thanks to a flaw in commonly used Thunderbolt port. Thankfully, exploiting the flaw requires physical access to your device.

Dubbed “Thunderspy”, the attack could allow a hacker to read and copy all the data from your PC even if it is in sleep mode or locked. Moreover, it can also steal data from encrypted drives.

Last year, a group of security researchers discovered a group of flaws in the Intel’s Thunderbolt port found in a majority of PCs. The collection of flaws known as Thunderclap could be exploited by connecting a tailored device to the vulnerable computers to access all the data.

The researchers, then, advised users to use a Thunderbolt feature called ‘security levels’ that turns the port into a mere USB and display port by disabling access to untrusted devices connected to the port.

Now, Ruytenberg has discovered a new technique that makes ‘security levels’ ineffective by modifying the firmware of the internal chip through the ‘Thunderspy’ attack.

At the time of suggesting ‘security levels’ to mitigate the risk when Thunderclap was discovered, Intel also added an additional security mechanism called Kernel Direct Memory Access Protection that could prevent Ruytenberg’s new technique.

However, it has been found that kernel DMA is found only in a handful of PCs manufactured in 2019 or before as it is not an industry-standard yet. Researchers found out that there are no Dell-manufactured PCs with kernel DMA and only a few Lenovo and HP models manufactured in 2019 or before that are equipped with DMA.

You can found out whether your PC has Kernel DMA or not by using this tool designed by Ruytenberg himself.

How does Thunderspy attack works?

In a video released by Ruytenberg as a PoC demo, he has shown how connecting a SPI programmer device with a SOP8 clip connected to the bottom part of the device could allow anyone to rewrite the firmware of the chip.

The process requires unscrewing the bottom lid to connect the malicious device but takes hardly two minutes to disable all the security settings and access data.

Thunderspy – an evil-maid attack

Thunderspy falls in the category of evil-maid attacks which means it requires physical access to a device to attack it, making it less widely exploited as compared to other attacks that could be executed remotely.

However, Thunderspy is a stealth attack, therefore, the victim would fail to notice that his/her device was tampered with once the attacker is done with the procedure.

LEARN TO CODE SQUARE AD

Nonetheless, Thunderspy attack makes millions of Windows PCs vulnerable all over the world, and currently, there are no known measures to mitigate the attack as it requires manufacturers to redesign the hardware, Ruytenberg.

Cyber360 News

Cyber360 News

Next Post
GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In