Table of Contents
Several computers running Windows, Mac, or Linux OS have become vulnerable to some serious security flaws that are potential to exploit a system’s connection to its keyboard, network cards, computer chargers and other peripherals attached.
The new vulnerability-known as ‘Thunderclap’ are allowing cyber attackers to bypass protection mechanism and steal data directly from operating system’s memory.
Unfolding The Attack!
This new set of security vulnerability was disclosed at the NDSS 2019 Security Conference in San Diego. The report revealed that, “Thunderclap is simply a bunch of loopholes that live in Thunderbolt hardware interface. The way this flaw works, is by taking advantage of Direct-memory-access (DMA), that all Thunderbolt devices have.
DMA allows Thunderbolt devices to read and write data on system’s memory without taking permission from the OS.
A Great level of access is granted to internal components. However, with Thunderbolt interface, via USB-C & DisplayPort connectors, they are capable of replicating those functionalities when plugged externally, giving the interface the same level of access & making the OS vulnerable.
According to the security researcher who discovered the flaw,
“This level of access can allow attackers to steal and track data and run a malicious program on a targeted Thunderbolt interface-equipped machine.”
“Such ports offer very privileged, low-level, direct memory access (DMA), which gives peripherals much more privilege than regular USB devices. If no defenses are used on the host, an attacker has unrestricted memory access, and can completely take control of a target computer: they can steal passwords, banking logins, encryption keys, browser sessions and private files, and they can also inject malicious software that can run anywhere in the system.”
Also Read: 9 Biggest Security Threats of 2019
Microsoft, Apple & Linux’s Take On The Whole Scenario!
According to various reports, “Microsoft have enabled the support for IOMMU protection for Thunderbolt devices but requires users to run the update. In macOS 10.12.4 & later the company addressed a specific network card vulnerability to achieve a root shell. Intel have contributed towards patching the security loophole by releasing version 5.0 of the Linux kernel. (The update is shortly to be released.)
Though this new vulnerability might not affect the latest version users of Windows, Linux & mac OS systems. But it’s a good reminder for users to follow healthy security practices, secure your PC with the Best Antivirus Software and not plug a device that’s not trusted.