Check your ports! Researchers find scary vulnerability in Thunderbolt accessories

A newly discovered vulnerability behind the Thunderbolt port on recent Macs or PCs could leave your computer exposed to an attack. Essentially, when a malicious accessory is plugged into a Thunderbolt port, hackers may be able to gain access to your files and steal data.

Researchers revealed the Thunderclap vulnerability at the Network and Distributed System Security Symposium, showing how direct memory access, or DMA, which Thunderbolt ports use to speed up access to memory, puts your computer at risk. In addition to Thunderbolt ports, the researchers say that the vulnerability also affects a slew of other ports that take advantage of the low-level memory access privilege, including FireWire, Thunderbolt 2 and 3, and USB-C.

DMA risks have been known for some time, and designers built in Input-Output Memory Management Units (IOMMUs) as safeguards. The way this works, according to Sophos’ Naked Security blog, is that “access is granted through a virtual address space managed by the operating system in conjunction with hardware Input-Output Memory Management Units.”

However, IOMMUs aren’t quite as effective as previously thought. When a hacker plugs in a compromised peripheral that contains malicious code, there are ways to bypass the IOMMU layer. “These vulnerabilities allow an attacker with physical access to a Thunderbolt port to compromise a target machine in a matter of seconds, running arbitrary code at the highest privilege level and potentially gaining access to passwords, banking logins, encryption keys, private files, browsing, and other data,” the blog reported.

Researchers discovered the vulnerability by building their own device called the Thunderclap, hence the name of the vulnerability. Any computer with a Thunderbolt port, including systems running Windows, Linux, FreeBSD, and Apple’s macOS, is at risk, though researchers cautioned that any computer with a compromised PCIe card could also be affected.

Makers of operating systems were warned about the findings in 2016, and the latest software updates to macOS, Windows 10, and Linux have removed some of the risks associated with this type of attack, but PCIe cards still aren’t safe.

To reduce your risk even further, you should refrain from using public or uncertified USB-C chargers and avoid plugging in any peripheral or accessory that you’re not familiar with.

Chuong Nguyen
Silicon Valley-based technology reporter and Giants baseball fan who splits his time between Northern California and Southern…