A team of researchers has revealed a new security hole in the Thunderbolt data transfer specification called "Thunderclap" that could leave computers open to serious attacks of harmless USB-C or DisplayPort hardware.
As Theo Markettos, researcher, explains, Thunderclap takes advantage of privileged DMA access to Thunderbolt accessories to access the target device. Unless proper safeguards are put in place, hackers can use this access to steal data, track files, and execute malicious code.
This is the type of access at the operating system level to which accessories such as GPUs or network cards are usually granted. Because Thunderbolt is designed to replicate these functions externally, it requires the same level of access, but the external nature of the configuration makes it more vulnerable to attack. Basically, it is easier to plug a malicious device into a port than to break someone's computer and plug in a pirated graphics card.
The Thunderclap vulnerability is not unique to Thunderbolt 3; Older DisplayPort-based Thunderbolt devices instead of USB-C are also theoretically exposed.
Markettos and his team discovered the vulnerability in 2016 and have already published it for manufacturers who had developed patches: Apple has implemented a fix for a specific part of the bug in macOS 10.12.4 that same year , and recently updated Macs should be protected from attack. Windows 10 version 1803 also protects against firmware vulnerability for new devices.
This is not the kind of attack most users will encounter. (Hackers using specially poisoned USB-C devices to target computers pretending to be a fake GPU do not usually appear to most people.) But it's good to remember that you have to be careful not to connect your computer to accessories or chargers. not trust.
And even if Thunderclap does not hit your device, he points out that even our best standards are not perfect, even for the high-end segment of the Thunderbolt device business.