• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

New "Thunderclap" Vulnerability Threatens to Infect Your PC Over Thunderbolt Peripherals

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
47,301 (7.52/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
A new security vulnerability named "Thunderclap" severely compromises security of computers with USB type-C Thunderbolt ports, or machines with Thunderbolt 3 (40 Gbps) ports. This would be pretty much every MacBook released in the past two years, Macs, and PCs with certain aftermarket Thunderbolt 3 adapters. Chronicled in a paper by the Department of Computer Science and Technology at the University of Cambridge, Rice University and SRI International, is a method for Thunderbolt devices to bypass the host machine's IOMMU (I/O memory management unit), and read its main memory over DMA.

An IOMMU translates address-spaces between devices and main memory, and hence protects your memory's contents being read by just about any device. The group has detailed possible ways to mitigate this vulnerability, and forwarded these mitigations to Apple, Intel, and Microsoft. For now no public mitigation exists other than disabling the Thunderbolt controller of your machine in your motherboard's UEFI setup program.



View at TechPowerUp Main Site
 

TheLostSwede

News Editor
Joined
Nov 11, 2004
Messages
17,776 (2.42/day)
Location
Sweden
System Name Overlord Mk MLI
Processor AMD Ryzen 7 7800X3D
Motherboard Gigabyte X670E Aorus Master
Cooling Noctua NH-D15 SE with offsets
Memory 32GB Team T-Create Expert DDR5 6000 MHz @ CL30-34-34-68
Video Card(s) Gainward GeForce RTX 4080 Phantom GS
Storage 1TB Solidigm P44 Pro, 2 TB Corsair MP600 Pro, 2TB Kingston KC3000
Display(s) Acer XV272K LVbmiipruzx 4K@160Hz
Case Fractal Design Torrent Compact
Audio Device(s) Corsair Virtuoso SE
Power Supply be quiet! Pure Power 12 M 850 W
Mouse Logitech G502 Lightspeed
Keyboard Corsair K70 Max
Software Windows 10 Pro
Benchmark Scores https://valid.x86.fr/yfsd9w
Device access = p0wned

This is really quite silly, as it's being blown out of proportion. Yes, be careful what you plug in, there are rouge devices, but this isn't nearly as bad as it's hyped up to be.
 
Joined
Dec 27, 2013
Messages
887 (0.22/day)
Location
somewhere
Device access = p0wned

This is really quite silly, as it's being blown out of proportion. Yes, be careful what you plug in, there are rouge devices, but this isn't nearly as bad as it's hyped up to be.
Sure if a criminal has physical access to your PC you have bigger problems than worrying about thunderbolt lol. Thing is I would worry this could be abused in institutions or places with public computers (Schools, colleges etc). Those places usually have a lot of Macs.
 
Joined
Mar 23, 2012
Messages
777 (0.17/day)
Location
Norway
System Name Games/internet/usage
Processor I7 5820k 4.2 Ghz
Motherboard ASUS X99-A2
Cooling custom water loop for cpu and gpu
Memory 16GiB Crucial Ballistix Sport 2666 MHz
Video Card(s) Radeon Rx 6800 XT
Storage Samsung XP941 500 GB + 1 TB SSD
Display(s) Dell 3008WFP
Case Caselabs Magnum M8
Audio Device(s) Shiit Modi 2 Uber -> Matrix m-stage -> HD650
Power Supply beQuiet dark power pro 1200W
Mouse Logitech MX518
Keyboard Corsair K95 RGB
Software Win 10 Pro
Was there not a similar exploit for firewire some years ago?
External interfaces with direct memory access is always trouble (but facilitates faster transfer)
 

TheLostSwede

News Editor
Joined
Nov 11, 2004
Messages
17,776 (2.42/day)
Location
Sweden
System Name Overlord Mk MLI
Processor AMD Ryzen 7 7800X3D
Motherboard Gigabyte X670E Aorus Master
Cooling Noctua NH-D15 SE with offsets
Memory 32GB Team T-Create Expert DDR5 6000 MHz @ CL30-34-34-68
Video Card(s) Gainward GeForce RTX 4080 Phantom GS
Storage 1TB Solidigm P44 Pro, 2 TB Corsair MP600 Pro, 2TB Kingston KC3000
Display(s) Acer XV272K LVbmiipruzx 4K@160Hz
Case Fractal Design Torrent Compact
Audio Device(s) Corsair Virtuoso SE
Power Supply be quiet! Pure Power 12 M 850 W
Mouse Logitech G502 Lightspeed
Keyboard Corsair K70 Max
Software Windows 10 Pro
Benchmark Scores https://valid.x86.fr/yfsd9w
Sure if a criminal has physical access to your PC you have bigger problems than worrying about thunderbolt lol. Thing is I would worry this could be abused in institutions or places with public computers (Schools, colleges etc). Those places usually have a lot of Macs.

The issue in this case is that the are already done rouge devices on sale. I saw a comment elsewhere that someone had bought a rouge device from some no-name Chinese company and it injected some malware on its host system. This then tried to access some server online, which fortunately was blocked by the company firewall.

That's the real concern with this.
 
Low quality post by SN2716057
Joined
Oct 25, 2018
Messages
1,494 (0.66/day)
Location
SortOfGrim
System Name Merc v8
Processor Ryzen 7800X3D
Motherboard Gigabyte X670 Gaming X AX
Cooling Noctua NH-D15
Memory 2x 16GB-6000
Video Card(s) MSI RTX 4070 Ti SUPER
Storage Solidigm P44 1TB, Crucial MX500 2TB
Display(s) ASUS ROG Swift PG27UQR
Case Caselabs Mercury S8
Audio Device(s) Schiit Magni & Modi, Edifier S351DB, DT 770 PRO
Power Supply Seasonic Vertex PX-850
Mouse Logitech G600
Keyboard Glorious GMMK Pro custom
Software W11Pro
Thunderclap, sounds like an STD.
Abe_nonono.gif
 
Joined
Apr 24, 2012
Messages
1,606 (0.35/day)
Location
Northamptonshire, UK
System Name Main / HTPC
Processor Ryzen 7 7800X3D / Ryzen 7 2700
Motherboard Aorus B650M Elite AX/ B450i Aorus Pro Wifi
Cooling Lian-Li Galahad 360 / Wraith Spire
Memory Corsair Vengeance 2x16 6000MHz CL30 / HyperX Predator 2x8GB 3200MHz
Video Card(s) RTX 3080 FE / ARC A380
Storage WD Black SN770 1TB / Sabrent Rocket 256GB
Display(s) Aorus FO32U2P / 39" Panasonic HDTV
Case Fractal Arc XL / Cougar QBX
Audio Device(s) Denon AVR-X2800H / Realtek ALC1220
Power Supply Corsair RM850 / BeQuiet SFX Power 2 450W
Mouse Logitech G903
Keyboard Drop Sense75 with WQ Studio Morandi's
VR HMD Rift S
Software Win 11 Pro 64Bit
i like the naming scheme ( ͡° ͜ʖ ͡°)
 

Easy Rhino

Linux Advocate
Staff member
Joined
Nov 13, 2006
Messages
15,600 (2.36/day)
Location
Mid-Atlantic
System Name Desktop
Processor i5 13600KF
Motherboard AsRock B760M Steel Legend Wifi
Cooling Noctua NH-U9S
Memory 4x 16 Gb Gskill S5 DDR5 @6000
Video Card(s) Gigabyte Gaming OC 6750 XT 12GB
Storage WD_BLACK 4TB SN850x
Display(s) Gigabye M32U
Case Corsair Carbide 400C
Audio Device(s) On Board
Power Supply EVGA Supernova 650 P2
Mouse MX Master 3s
Keyboard Logitech G915 Wireless Clicky
Software The Matrix
Interesting find but I am not seeing this as a legit attack vector. Even if it can read the computer's memory once plugged in there is no way to exploit it unless the owner of the computer is using it right then and is deaf, dumb, and blind. I mean, how many hackers do you know come right up to you while you are using your computer and ask if they can plug in their external device to your machine. They promise nothing bad will happen!
 
Joined
Aug 20, 2007
Messages
21,542 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
Device access = p0wned

This is really quite silly, as it's being blown out of proportion. Yes, be careful what you plug in, there are rouge devices, but this isn't nearly as bad as it's hyped up to be.

If you agree to plug in an R-T-B provided USB stick, odds are I can "pwn" your PC too.

Physical access and mailed materials. Be careful what you plug in. This isn't new.
 
Joined
Mar 6, 2017
Messages
3,358 (1.18/day)
Location
North East Ohio, USA
System Name My Ryzen 7 7700X Super Computer
Processor AMD Ryzen 7 7700X
Motherboard Gigabyte B650 Aorus Elite AX
Cooling DeepCool AK620 with Arctic Silver 5
Memory 2x16GB G.Skill Trident Z5 NEO DDR5 EXPO (CL30)
Video Card(s) XFX AMD Radeon RX 7900 GRE
Storage Samsung 980 EVO 1 TB NVMe SSD (System Drive), Samsung 970 EVO 500 GB NVMe SSD (Game Drive)
Display(s) Acer Nitro XV272U (DisplayPort) and Acer Nitro XV270U (DisplayPort)
Case Lian Li LANCOOL II MESH C
Audio Device(s) On-Board Sound / Sony WH-XB910N Bluetooth Headphones
Power Supply MSI A850GF
Mouse Logitech M705
Keyboard Steelseries
Software Windows 11 Pro 64-bit
Benchmark Scores https://valid.x86.fr/liwjs3
The only truly safe computer is one that's been encased in six feet of concrete and dumped into the Marianas Trench.

Again, if you have local access to a device then that device is as good as p0wned.
 
Low quality post by TheLostSwede

TheLostSwede

News Editor
Joined
Nov 11, 2004
Messages
17,776 (2.42/day)
Location
Sweden
System Name Overlord Mk MLI
Processor AMD Ryzen 7 7800X3D
Motherboard Gigabyte X670E Aorus Master
Cooling Noctua NH-D15 SE with offsets
Memory 32GB Team T-Create Expert DDR5 6000 MHz @ CL30-34-34-68
Video Card(s) Gainward GeForce RTX 4080 Phantom GS
Storage 1TB Solidigm P44 Pro, 2 TB Corsair MP600 Pro, 2TB Kingston KC3000
Display(s) Acer XV272K LVbmiipruzx 4K@160Hz
Case Fractal Design Torrent Compact
Audio Device(s) Corsair Virtuoso SE
Power Supply be quiet! Pure Power 12 M 850 W
Mouse Logitech G502 Lightspeed
Keyboard Corsair K70 Max
Software Windows 10 Pro
Benchmark Scores https://valid.x86.fr/yfsd9w
The only truly safe computer is one that's been encased in six feet of concrete and dumped into the Marianas Trench.

Again, if you have local access to a device then that device is as good as p0wned.

Please don't litter.
 

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
42,632 (6.68/day)
Location
Republic of Texas (True Patriot)
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.44/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
Not news. This vulnerability was known about since 2011. Solution is simple: don't let any untrusted Thunderbolt devices anywhere close to a computer.
 

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
42,632 (6.68/day)
Location
Republic of Texas (True Patriot)
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
Not news. This vulnerability was known about since 2011. Solution is simple: don't let any untrusted Thunderbolt devices anywhere close to a computer.

Buy official thunderbolt devices, or dont use thunderbolt at all...
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.44/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
Corporations are going to have to blanket ban the use of USB4 sticks because of the threat they pose to the machines. Hell, can anyone even trust any USB4 device? Every controller included in every implementation of the standard could be a DMA spying device. There's going to have to be a security certification process that the chips won't step out of the bounds of what they're expected to do by implementers and consumers alike.

The risk USB4 poses, thanks to Thunderbolt, far exceeds that of USB 3.2 and older.
 
Top