Thunderspy: Difference between revisions

'''Thunderspy''' is a type of [[Vulnerability (computing)|security vulnerability]], based on the [[Thunderbolt (interface)|Intel Thunderbolt port]], first reported publicly on 10 May 2020, that can result in an [[Evil maid attack|evil maid]] (ie, attacker of an unattended device) attack gaining full access to a computer's information in about five minutes, and may affect millions of [[Apple Inc.|Apple]], [[Linux]] and [[Microsoft Windows|Windows]] computers, as well as any computers manufactured before 2019, and some after that.<ref name="WRD-20200510">{{cite news |last=Greenberg |first=Andy |title=Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking - The so-called Thunderspy attack takes less than five minutes to pull off with physical access to a device, and it affects any PC manufactured before 2019. |url=https://www.wired.com/story/thunderspy-thunderbolt-evil-maid-hacking/ |date=10 May 2020 |work=[[Wired (magazine)|Wired]] |accessdate=11 May 2020 }}</ref><ref name="VRG-20200511">{{cite news |last=Porter |first=Jon |title=Thunderbolt flaw allows access to a PC’s data in minutes - Affects all Thunderbolt-enabled PCs manufactured before 2019, and some after that |url=https://www.theverge.com/2020/5/11/21254290/thunderbolt-security-vulnerability-thunderspy-encryption-access-intel-laptops |date=11 May 2020 |work=[[The Verge]] |accessdate=11 May 2020 }}</ref><ref name="FRBS-20200511">{{cite news |last=Doffman |first=Zak |title=Intel Confirms Critical New Security Problem For Windows Users |url=https://www.forbes.com/sites/zakdoffman/2020/05/11/intel-confirms-critical-security-flaw-affecting-almost-all-windows-users/ |date=11 May 2020 |work=[[Forbes]] |accessdate=11 May 2020 }}</ref><ref name="TSY-2020">{{cite news |last=Ruytenberg |first=Björn |title=Thunderspy: When Lightning Strikes Thrice: Breaking Thunderbolt 3 Security |url=https://thunderspy.io/ |date=2020 |work=Thunderspy.io |accessdate=11 May 2020 }}</ref><ref name="SW-20200511">{{cite news |last=Kovacs |first=Eduard |title=Thunderspy: More Thunderbolt Flaws Expose Millions of Computers to Attacks |url=https://www.securityweek.com/thunderspy-more-thunderbolt-flaws-expose-millions-computers-attacks |date=11 May 2020 |work=SecurityWeek.com |accessdate=11 May 2020 }}</ref><ref name="TP-20200511">{{cite news |last=O'Donnell |first=Lindsey |title=Millions of Thunderbolt-Equipped Devices Open to ‘ThunderSpy’ Attack |url=https://threatpost.com/millions-thunderbolt-devices-thunderspy-attack/155620/ |date=11 May 2020 |work=ThreatPost.com |accessdate=11 May 2020 }}</ref><ref name="BN-20200511">{{cite news|last=Wyciślik-Wilson |first=Mark |title=Thunderspy vulnerability in Thunderbolt 3 allows hackers to steal files from Windows and Linux machines |url=https://betanews.com/2020/05/11/thunderspy-security-vulnerability/ |date=11 May 2020 |work=BetaNews.com |accessdate=11 May 2020 }}</ref><ref name="SR-20200511">{{cite news |last=Gorey |first=Colm |title=Thunderspy: What you need to know about unpatchable flaw in older PCs |url=https://www.siliconrepublic.com/enterprise/thunderbolt-port-hacker-vulnerability-thunderspy |date=11 May 2020 |work=SiliconRepublic.com |accessdate=12 May 2020 }}</ref> According to Björn Ruytenberg. the discoverer of the vulnerability, "All the evil maid needs to do is unscrew the backplate, attach a device momentarily, reprogram the firmware, reattach the backplate, and the evil maid gets full access to the laptop. All of this can be done in under five minutes."<ref name="WRD-20200510" />