Thunderspy: Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking (aka "evil maid attack")
o *Thunderspy*
https://thunderspy.io/
o "evil maid attack"
https://youtu.be/7uvSZA1F9os
o *Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking*
https://www.wired.com/story/thunderspy-thunderbolt-evil-maid-hacking/
"The so-called Thunderspy attack takes less than five minutes to pull off
with physical access to a device, and it affects any PC manufactured
before 2019."
The "technique can bypass the login screen of a sleeping or locked
computer - and even its hard disk encryption - to gain full access
to the computer's data. And while his attack in many cases requires
opening a target laptop's case with a screwdriver, it leaves no trace
of intrusion and can be pulled off in just a few minutes."
"there's no easy software fix, only disabling the Thunderbolt port"
--
As always,. every thread should add value to our overall tribal knowledge.
|