New "Thunderclap" Vulnerability Threatens to Infect Your PC Over Thunderbolt Peripherals

btarunr · Mar 4, 2019

A new security vulnerability named "Thunderclap" severely compromises security of computers with USB type-C Thunderbolt ports, or machines with Thunderbolt 3 (40 Gbps) ports. This would be pretty much every MacBook released in the past two years, Macs, and PCs with certain aftermarket Thunderbolt 3 adapters. Chronicled in a paper by the Department of Computer Science and Technology at the University of Cambridge, Rice University and SRI International, is a method for Thunderbolt devices to bypass the host machine's IOMMU (I/O memory management unit), and read its main memory over DMA.

An IOMMU translates address-spaces between devices and main memory, and hence protects your memory's contents being read by just about any device. The group has detailed possible ways to mitigate this vulnerability, and forwarded these mitigations to Apple, Intel, and Microsoft. For now no public mitigation exists other than disabling the Thunderbolt controller of your machine in your motherboard's UEFI setup program.

View at TechPowerUp Main Site

TheLostSwede · Mar 4, 2019

Device access = p0wned

This is really quite silly, as it's being blown out of proportion. Yes, be careful what you plug in, there are rouge devices, but this isn't nearly as bad as it's hyped up to be.

ArbitraryAffection · Mar 4, 2019

TheLostSwede said:
Device access = p0wned

This is really quite silly, as it's being blown out of proportion. Yes, be careful what you plug in, there are rouge devices, but this isn't nearly as bad as it's hyped up to be.

Sure if a criminal has physical access to your PC you have bigger problems than worrying about thunderbolt lol. Thing is I would worry this could be abused in institutions or places with public computers (Schools, colleges etc). Those places usually have a lot of Macs.

Brusfantomet · Mar 4, 2019

Was there not a similar exploit for firewire some years ago?
External interfaces with direct memory access is always trouble (but facilitates faster transfer)

TheLostSwede · Mar 4, 2019

ArbitraryAffection said:
Sure if a criminal has physical access to your PC you have bigger problems than worrying about thunderbolt lol. Thing is I would worry this could be abused in institutions or places with public computers (Schools, colleges etc). Those places usually have a lot of Macs.

The issue in this case is that the are already done rouge devices on sale. I saw a comment elsewhere that someone had bought a rouge device from some no-name Chinese company and it injected some malware on its host system. This then tried to access some server online, which fortunately was blocked by the company firewall.

That's the real concern with this.

SN2716057 · Mar 4, 2019

Thunderclap, sounds like an STD.

R00kie · Mar 4, 2019

i like the naming scheme ( ͡° ͜ʖ ͡°)

Easy Rhino · Mar 4, 2019

Interesting find but I am not seeing this as a legit attack vector. Even if it can read the computer's memory once plugged in there is no way to exploit it unless the owner of the computer is using it right then and is deaf, dumb, and blind. I mean, how many hackers do you know come right up to you while you are using your computer and ask if they can plug in their external device to your machine. They promise nothing bad will happen!

R-T-B · Mar 4, 2019

TheLostSwede said:
Device access = p0wned

This is really quite silly, as it's being blown out of proportion. Yes, be careful what you plug in, there are rouge devices, but this isn't nearly as bad as it's hyped up to be.

If you agree to plug in an R-T-B provided USB stick, odds are I can "pwn" your PC too.

Physical access and mailed materials. Be careful what you plug in. This isn't new.

trparky · Mar 4, 2019

The only truly safe computer is one that's been encased in six feet of concrete and dumped into the Marianas Trench.

Again, if you have local access to a device then that device is as good as p0wned.

TheLostSwede · Mar 5, 2019

trparky said:
The only truly safe computer is one that's been encased in six feet of concrete and dumped into the Marianas Trench.

Again, if you have local access to a device then that device is as good as p0wned.

Please don't litter.

eidairaman1 · Mar 5, 2019

Its an ETD

FordGT90Concept · Mar 5, 2019

Not news. This vulnerability was known about since 2011. Solution is simple: don't let any untrusted Thunderbolt devices anywhere close to a computer.

eidairaman1 · Mar 5, 2019

FordGT90Concept said:
Not news. This vulnerability was known about since 2011. Solution is simple: don't let any untrusted Thunderbolt devices anywhere close to a computer.

Buy official thunderbolt devices, or dont use thunderbolt at all...

FordGT90Concept · Mar 6, 2019

Corporations are going to have to blanket ban the use of USB4 sticks because of the threat they pose to the machines. Hell, can anyone even trust any USB4 device? Every controller included in every implementation of the standard could be a DMA spying device. There's going to have to be a security certification process that the chips won't step out of the bounds of what they're expected to do by implementers and consumers alike.

The risk USB4 poses, thanks to Thunderbolt, far exceeds that of USB 3.2 and older.

System Name	RBMK-1000
Processor	AMD Ryzen 7 5700G
Motherboard	Gigabyte B550 AORUS Elite V2
Cooling	DeepCool Gammax L240 V2
Memory	2x 16GB DDR4-3200
Video Card(s)	Galax RTX 4070 Ti EX
Storage	Samsung 990 1TB
Display(s)	BenQ 1440p 60 Hz 27-inch
Case	Corsair Carbide 100R
Audio Device(s)	ASUS SupremeFX S1220A
Power Supply	Cooler Master MWE Gold 650W
Mouse	ASUS ROG Strix Impact
Keyboard	Gamdias Hermes E2
Software	Windows 11 Pro

System Name	Overlord Mk MLI
Processor	AMD Ryzen 7 7800X3D
Motherboard	Gigabyte X670E Aorus Master
Cooling	Noctua NH-D15 SE with offsets
Memory	32GB Team T-Create Expert DDR5 6000 MHz @ CL30-34-34-68
Video Card(s)	Gainward GeForce RTX 4080 Phantom GS
Storage	1TB Solidigm P44 Pro, 2 TB Corsair MP600 Pro, 2TB Kingston KC3000
Display(s)	Acer XV272K LVbmiipruzx 4K@160Hz
Case	Fractal Design Torrent Compact
Audio Device(s)	Corsair Virtuoso SE
Power Supply	be quiet! Pure Power 12 M 850 W
Mouse	Logitech G502 Lightspeed
Keyboard	Corsair K70 Max
Software	Windows 10 Pro
Benchmark Scores	https://valid.x86.fr/yfsd9w

System Name	Games/internet/usage
Processor	I7 5820k 4.2 Ghz
Motherboard	ASUS X99-A2
Cooling	custom water loop for cpu and gpu
Memory	16GiB Crucial Ballistix Sport 2666 MHz
Video Card(s)	Radeon Rx 6800 XT
Storage	Samsung XP941 500 GB + 1 TB SSD
Display(s)	Dell 3008WFP
Case	Caselabs Magnum M8
Audio Device(s)	Shiit Modi 2 Uber -> Matrix m-stage -> HD650
Power Supply	beQuiet dark power pro 1200W
Mouse	Logitech MX518
Keyboard	Corsair K95 RGB
Software	Win 10 Pro

System Name	Overlord Mk MLI
Processor	AMD Ryzen 7 7800X3D
Motherboard	Gigabyte X670E Aorus Master
Cooling	Noctua NH-D15 SE with offsets
Memory	32GB Team T-Create Expert DDR5 6000 MHz @ CL30-34-34-68
Video Card(s)	Gainward GeForce RTX 4080 Phantom GS
Storage	1TB Solidigm P44 Pro, 2 TB Corsair MP600 Pro, 2TB Kingston KC3000
Display(s)	Acer XV272K LVbmiipruzx 4K@160Hz
Case	Fractal Design Torrent Compact
Audio Device(s)	Corsair Virtuoso SE
Power Supply	be quiet! Pure Power 12 M 850 W
Mouse	Logitech G502 Lightspeed
Keyboard	Corsair K70 Max
Software	Windows 10 Pro
Benchmark Scores	https://valid.x86.fr/yfsd9w

System Name	Merc v8
Processor	Ryzen 7800X3D
Motherboard	Gigabyte X670 Gaming X AX
Cooling	Noctua NH-D15
Memory	2x 16GB-6000
Video Card(s)	MSI RTX 4070 Ti SUPER
Storage	Solidigm P44 1TB, Crucial MX500 2TB
Display(s)	Acer Predator XB271HU
Case	Caselabs Mercury S8
Audio Device(s)	Schiit Magni & Modi, Edifier S351DB, DT 770 PRO
Power Supply	Seasonic Vertex PX-850
Mouse	Logitech G600
Keyboard	Glorious GMMK Pro custom
Software	W11Pro

New "Thunderclap" Vulnerability Threatens to Infect Your PC Over Thunderbolt Peripherals

btarunr

Editor & Senior Moderator

TheLostSwede

News Editor

ArbitraryAffection

Brusfantomet

TheLostSwede

News Editor

SN2716057

R00kie

Easy Rhino

Linux Advocate

R-T-B

trparky

TheLostSwede

News Editor

eidairaman1

The Exiled Airman

FordGT90Concept

"I go fast!1!11!1!"

eidairaman1

The Exiled Airman

FordGT90Concept

"I go fast!1!11!1!"

System Name	Main / HTPC
Processor	Ryzen 7 7800X3D / Ryzen 7 2700
Motherboard	Aorus B650M Elite AX/ B450i Aorus Pro Wifi
Cooling	Thermalright Phantom Spirit 120 EVO / Wraith Spire
Memory	Corsair Vengeance 2x16 6000MHz CL30 / HyperX Predator 2x8GB 3200MHz
Video Card(s)	MSI RTX 4080 Super Gaming X Slim / ARC A380
Storage	WD Black SN770 1TB / Sabrent Rocket 256GB
Display(s)	Aorus FO32U2P / 39" Panasonic HDTV
Case	Asus AP201 / Cougar QBX
Audio Device(s)	Denon AVR-X2800H / Realtek ALC1220
Power Supply	Corsair RM1000e / BeQuiet SFX Power 2 450W
Mouse	Logitech G903
Keyboard	Drop Sense75 with WQ Studio Morandi's
VR HMD	Rift S
Software	Win 11 Pro 64Bit

System Name	Desktop
Processor	i5 13600KF
Motherboard	AsRock B760M Steel Legend Wifi
Cooling	Noctua NH-U9S
Memory	4x 16 Gb Gskill S5 DDR5 @6000
Video Card(s)	Gigabyte Gaming OC 6750 XT 12GB
Storage	WD_BLACK 4TB SN850x
Display(s)	Gigabye M32U
Case	Corsair Carbide 400C
Audio Device(s)	On Board
Power Supply	EVGA Supernova 650 P2
Mouse	MX Master 3s
Keyboard	Logitech G915 Wireless Clicky
Software	Fedora KDE Spin

System Name	Pioneer
Processor	Ryzen 9 9950X
Motherboard	MSI MAG X670E Tomahawk Wifi
Cooling	Noctua NH-D15 + A whole lotta Sunon, Phanteks and Corsair Maglev blower fans...
Memory	128GB (4x 32GB) G.Skill Flare X5 @ DDR5-4200(Running 1:1:1 w/FCLK)
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	Intel 5800X Optane 800GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs, 1x 2TB Seagate Exos 3.5"
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64, other office machines run Windows 11 Enterprise

System Name	My Ryzen 7 7700X Super Computer
Processor	AMD Ryzen 7 7700X
Motherboard	Gigabyte B650 Aorus Elite AX
Cooling	DeepCool AK620 with Arctic Silver 5
Memory	2x16GB G.Skill Trident Z5 NEO DDR5 EXPO (CL30)
Video Card(s)	XFX AMD Radeon RX 7900 GRE
Storage	Samsung 980 EVO 1 TB NVMe SSD (System Drive), Samsung 970 EVO 500 GB NVMe SSD (Game Drive)
Display(s)	Acer Nitro XV272U (DisplayPort) and Acer Nitro XV270U (DisplayPort)
Case	Lian Li LANCOOL II MESH C
Audio Device(s)	On-Board Sound / Sony WH-XB910N Bluetooth Headphones
Power Supply	MSI A850GF
Mouse	Logitech M705
Keyboard	Steelseries
Software	Windows 11 Pro 64-bit
Benchmark Scores	https://valid.x86.fr/liwjs3

System Name	PCGOD
Processor	AMD FX 8350@ 5.0GHz
Motherboard	Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling	Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory	16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s)	AMD Radeon 290 Sapphire Vapor-X
Storage	Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s)	NEC Multisync LCD 1700V (Display Port Adapter)
Case	AeroCool Xpredator Evil Blue Edition
Audio Device(s)	Creative Labs Sound Blaster ZxR
Power Supply	Seasonic 1250 XM2 Series (XP3)
Mouse	Roccat Kone XTD
Keyboard	Roccat Ryos MK Pro
Software	Windows 7 Pro 64

System Name	BY-2021
Processor	AMD Ryzen 7 5800X (65w eco profile)
Motherboard	MSI B550 Gaming Plus
Cooling	Scythe Mugen (rev 5)
Memory	2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s)	AMD Radeon RX 7900 XT
Storage	Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s)	Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case	Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s)	Realtek ALC1150, Micca OriGen+
Power Supply	Enermax Platimax 850w
Mouse	Nixeus REVEL-X
Keyboard	Tesoro Excalibur
Software	Windows 10 Home 64-bit
Benchmark Scores	Faster than the tortoise; slower than the hare.