Vulnerabilities in Thunderbolt Sockets Threaten Millions of PCs

A researcher from the University of Eindhoven has discovered seven flaws in Thunderbolt technology, and it affects all computers designed before 2019, whether they run Windows, Linux and even Mac depending on the conditions. He created nine attack scenarios that can hack a computer in five minutes.

Five minutes. It is the time necessary for a hacker to recover data from a PC, under Windows or Linux. Even if it is in standby or locked! This was discovered by Björn Rutenberg, a researcher at a university in Eindhoven (Netherlands), and he baptized his find Thunderspy. According to him, all computers designed before 2019, equipped with a Thunderbolt socket, are vulnerable to its attacks based on 7 flaws discovered in this connection technology.

Seven flaws that inspired him nine types of detailed attacks and it still requires a little tinkering since you have to open the laptop cover, have cables and small ad hoc programs. You also need a screwdriver and locate the Thunderbolt controller. As the video below shows, five minutes are enough to take control of the laptop, and thus have access to the data. Clearly, the possible hacker will need to steal his victim’s computer to hack him.

You can check the protection of your computer

Adopted and prized for the speed of its transfers and its versatility, whether on Mac or PC, the Thunderbolt socket is in fact victim of its strong point: the quick access to the RAM . This is where the flaw is, and the researcher explains that it cannot be corrected for computers sold before 2019. This represents millions and millions of models … For computers sold after 2019, it all depends from the manufacturer. Thus HP integrates a protection program, but this is not necessarily the case with the competition.

As for Macs, they are generally spared, but they remain vulnerable if the user runs Windows or Linux via Bootcamp . If you are worried about being hacked, these experts have put a little software online that checks whether your computer is vulnerable to this type of attack. Its name: SpyCheck .