Vulnerability in all modern computers allows you to steal important data

This is a new variation of the well-known attack by the cold reset method.

Almost all modern computers are vulnerable to a new kind of attack, allowing manipulation of the firmware to disable security measures and the theft of confidential data stored on the computer, such as passwords, corporate documentation, etc., say F-Secure.

This is a new variation of the well-known cold boot attack, which consists in the fact that the attacker initiates a forced reboot of the computer and then steals data from the main memory. All attacks of this kind assume physical access to the computer and the availability of special hardware.

Over the years, manufacturers of operating systems and hardware have implemented various measures to prevent such attacks, including the function of overwriting the contents of RAM after a cold reset. However, the researchers found a way to disable this functionality by modifying the firmware settings and were able to extract data from the RAM after a cold reset. Similar to previous attacks, the new version also requires physical access to the computer and a special tool for extracting memory.

Leave a Reply