A major bug in the Thunderbolt ports used in computers allows a hacker access to the protected files they store, security researchers say.
The bug would allow a hacker to access the contents of a laptop within minutes, they say.
To use the hack, an attacker would need physical access to the device. But that device could be locked, encrypted and secured with a password, and a hacker would still be able to read what was contained on it, according to the Eindhoven University of Technology researchers who discovered the bug.
The researchers caution that the attack is stealthy, meaning that people affected by the bug would not even be able to find any trace of it. A computer’s owner does not need to do anything to be hit by it, and it can get around even sophisticated security protections.
Called “Thunderspy”, the attack takes advantage of a problem in the Thunderbolt port used on many modern laptops and desktop computers. That port is intended to allow quick transfer of files between computers – but it does so in part because it has easier access to some of the central parts of the computer’s architecture, which can serve as an advantage to hackers.
The researchers who discovered the bug have established a special website, also named Thunderspy, which includes a tool to check whether a given computer is vulnerable. If it is, it will give advice on how to protect against the bug – though putting those protections in place is somewhat convoluted.
Björn Ruytenberg, who found the issue, posted a video in which he shows how quickly and simply the attack could be exploited. In just a few minutes, he is able to remove the backplate from the laptop, attach a relatively cheap device to the inside, and then log in as normal.
A hacker could use the same technique on a laptop that was found inside a hotel, for instance, the researchers noted. The technology required costs just a few hundred dollars and is relatively small, they said.
Thunderbolt-maker Intel recognised the flaw, and said that it had protected against it with an update to operating systems that came out earlier this year. But security researchers said that update had not been applied on all hardware, and Wired reported that computers from Dell, HP and Lenovo were all still affected by the bug.