silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,149
University of Cambridge and Rice University researchers have created a platform that allows cyberattacks to be conducted through a variety of computer peripherals through their USB-C port.
The platform, called Thunderclap, an open-source platform created to study the security of computer peripherals and their interactions with operating systems in computers with Thunderbolt ports, reported Scientific Daily. Computers running Windows, macOS, Linux and FreeBSD were all found vulnerable through their USB-C port.
The specific vulnerability derives from the fact that peripherals have direct memory access to the unit they are connected to which allows them to bypass the operating system’s security policies. While such attacks are not new and the systems feature input-output memory management units to protect against such attacks these are often turned off and can be bypassed Scientific Daily reported.