Detecting a Thunderbolt flaw allows a hacker to steal system data for 5 minutes
Thunderbolt is a great achievement when it comes to wired connectivity technology on electronics. This is a high-speed connection standard, developed by Intel under the code name Light Peak and first appeared on the MacBook Pro 2011. The strength of Thunderbolt lies in its ability to both charge and connect. connect and transfer data between computers and other peripherals, all with a single cable. Especially, the ability to transfer data very fast, up to 10Gbps / s - about 2 times higher than USB 3.0 and 20 times higher than USB 2.0. However, Thunderbolt also contains a "fatal" flaw.

Recently, international security researcher Bjorn Ruytenberg unexpectedly discovered a vulnerability called 'Thunderspy' that exists in Thunderbolt ports, allowing hackers to easily steal data stored on the system. if there is physical access to the device, even if the user has a computer key and encrypted data. More seriously, the whole process of exploiting this vulnerability takes only a maximum of 5 minutes to proceed in the case of skilled hackers, and the necessary equipment is just screwdrivers and another "mobile hardware". .
Here is the whole process of Bjorn Ruytenberg's 5-minute Thunderspy flaw exploitation:
The underlying cause of Thunderspy is that Thunderbolt allows external devices to directly access the memory of the PC to retrieve data in a short time. However, a good hacker can intervene directly with the hardware system that controls the Thunderbolt port to connect the PC to other unknown removable devices to steal data. The only downside to this type of attack is that hackers are forced to have physical access to your PC, but it possesses three other great advantages, which are to leave no trace. can be done in a fraction of the time, and are cheap.
Intel has confirmed Thunderspy's existence, and has implemented a new security system called Kernel Direct Memory Access (DMA) to mitigate and prevent attacks from this vulnerability. However, at the present time, DMA has only been implemented on Windows 10 from version 1803 RS4 and above, Kernel Linux from 5.x and above and MacOS 10.12.4 and above.
As recommended by Bjorn Ruytenberg, users should disable the Thunderbolt ports in the BIOS to completely prevent this vulnerability. You should also keep an eye on your PC and deploy hard drive encryption.
You should read it
- The reason Thunderbolt 3 is the preferred connection standard
- Compare USB4 and Thunderbolt 4
- Why Apple's Thunderbolt 4 Pro Cable Is So Expensive, $129
- The Mac may support both USB 3.0 and Thunderbolt
- Standard 10Gb connection per second from Apple and Intel
- Who is ThunderBolt for?
- CT scan of Apple's Thunderbolt 4 Pro cable shows why it costs $129
- Apple LED Cinema Display is equipped with Thunderbolt
May be interested
- Hackers use Raspberry PI computer to steal 500 MB of NASA important datain april 2018, nasa discovered an account belonging to an external user who had compromised the network in the jet propulsion labortary (jbl) laboratory and stole about 500 mb of data related to the programs of this space agency.
- Compare USB4 and Thunderbolt 4usb4 and thunderbolt 4 were released a year apart, and although there are some similarities between these two computer interfaces, there are also many differences.
- Hackers use simple tricks to steal Ethereum worth 7 million dollars in 3 minutesit only takes 3 minutes and 'a simple trick' is that this hacker stole 7 million ethereum, news that shook the virtual money market.
- The reason Thunderbolt 3 is the preferred connection standardthunderbolt 3 is a high-end connection standard developed by apple and intel for use with the macbook product line. currently, other companies have also updated the thunderbolt 3 port integration for their product lines.
- Why Apple's Thunderbolt 4 Pro Cable Is So Expensive, $129thunderbolt 4 pro cable was launched by apple in early march at the same time as mac studio and studio display.
- Detecting new malware on WinRAR can infiltrate computers and steal dataresearchers have discovered a new type of malicious code that could take advantage of the security bug on winrar decompression software to hijack and hijack computers to steal data.
- Who is ThunderBolt for?apple and intel have introduced thunderbolt - a new interconnect cable technology, combining data transfer and video. but what benefits will users benefit from this technology?
- The Mac may support both USB 3.0 and Thunderboltapple can integrate usb 3.0 connectivity in future macs alongside thunderbolt high-speed connectivity technology.
- White-haired 'monsters'hackers 'white hats' combine a passion for research, discovery and fighting against underground forces that always seek to destroy. in this article, we will return to the original hacker definition and explore the world of white-hat hackers.
- Found an 'unpatchable' flaw in Intel CPUsinternational security researchers have identified a critical flaw that exists in intel cpus.