What if there were a way to hack into your computer and steal files without leaving a trace? Most viruses nowadays can be detected by antimalware programs, and phishing attacks are obvious once you realize you’ve been duped. To pull off a totally foolproof hack, you need to crack the system’s hardware, not software.
And that’s exactly what one security researcher discovered after experimenting with Thunderbolt-type USB-C ports. He found that, with the right resources, a hacker can easily create a malicious device that can steal data just by plugging it in. Tap or click here to see how a hacker did something similar with a lightning cord.
If your computer features Thunderbolt connections, you’re probably vulnerable to this dangerous new security hole. Here’s what you need to do to stop your PC from leaking like a sieve to malicious USB devices.
Freaky new security hole in Windows and Linux PCs
Security researcher Björn Ruytenberg has stumbled upon a terrible secret inside of the popular Thunderbolt file transfer standard: It can be hijacked by malicious devices that anyone can build for less than $500.
According to a bulletin posted by Rutenberg, who dubbed the flaw “Thunderspy,” the ports can be compromised thanks to an issue with how Thunderbolt speeds up its transfers. To upload and download data fast, Thunderbolt ports gain direct access to system memory, which a modified USB-C device could take advantage of to steal encrypted files.
As a proof of concept, Ruytenbeg proposed a gadget he dubbed the “Evil Maid attack,” after a potential scenario where a hotel maid cracks into an unsuspecting PC. The device can be built for around $400 with a little bit of programming know-how and half of the device’s cost is taken up by the USB-C — peripheral.
Once the device is plugged in, it can scan and extract the system’s files in under 5 minutes. In other words, the Evil Maid attack takes the blazing fast speed of Thunderbolt ports and uses it against your computer. Scary!
How can I protect my computer?
As it turns out, the best way to protect yourself is to use caution when your Thunderbolt devices are involved. Rutenberg advises never sharing Thunderbolt gadgets with anyone else, and only accessing your ports when it’s safe.
Additionally, shutting down your computer when you’re not using it can completely prevent the attack from taking place. In order to hijack a Thunderbolt port, the computer must be on and awake. A computer in Sleep Mode, however, is totally vulnerable.
Not all computers can be attacked through Thunderspy, mind you. If you’re using an Intel-based PC from 2019 or later, Intel has already fixed the flaw in your chipset. Macs are also immune to the attack due to how macOS handles Thunderbolt transfers. Macs currently running Windows or Linux in Boot Camp are still vulnerable.
And, of course, PCs without Thunderbolt ports won’t be at risk for this type of attack. Regular USB attacks are another story, though. Tap or click here to see how a malicious USB device can hijack Cortana.
To see if your PC is at risk, you can visit Rutenberg’s website and click on the link labeled Spycheck for Windows. This will run a quick test on your system to determine if your ports can be compromised. If your computer is at risk, it’s time to start keeping your Thunderbolt devices hidden in a special part of your bag or drawer.
There’s no point in lending connection cables to anyone. With how easy it is to construct a malicious device, you’re playing with fire every time you let your device leave your hands. Tap or click here to see how scammers are sending malicious USB devices through the mail.