Thunderbolt flaws open millions of PCs to physical hacking

A new attack method enables bad actors to access data on a locked computer via an evil maid attack within 5 minutes



Millions of computers sporting Intel’s Thunderbolt ports are open to hands-on hacking attempts due to vulnerabilities in the hardware interface, according to research published by Björn Ruytenberg, a security researcher at Eindhoven University of Technology in the Netherlands. Dubbed Thunderspy, the attack method affects Thunderbolt-equipped machines manufactured between 2011 and 2020 and is a concern for machines running any of the three major operating systems – Windows, Linux and, to a lesser extent, macOS.


To snatch data from a PC through a so-called evil maid attack, all a bad actor would need is a few minutes, physical access to the device, and some off-the-shelf equipment. “All the evil maid needs to do is unscrew the backplate, attach a device momentarily, reprogram the firmware, reattach the backplate, and the evil maid gets full access to the laptop,” Ruytenberg told Wired, adding that the whole process could be managed within five minutes. A total of 7 vulnerabilities were found to affect Thunderbolt versions 1 through 3, and they are all listed in detail in the research paper.


The attack method works even if you follow best cybersecurity practices, such as locking your computer when stepping out for a moment and using strong passwords and security measures such as