Discovered in 2008 and then countered in the process, an old flaw for hacking laptops by a Cold boot attack sees the day again. F-Secure researchers are demonstrating it with video support.
While everyone feels safe from a possible piracy of his laptop, here is a new loophole has been highlighted. Discovered by researchers specialized in security firm F-Secure, this weakness is based on a way to circumvent the protections and then to hack the computer via a Cold boot attack.
The Cold boot method to hack a laptop
This method, which is performed by a cold boot of the laptop, can easily allow hackers to seize keys and ciphers contained in the memory of the computer in question.
The good news, reassuring that the thing is infeasible remotely, is that you must physically access your laptop to accomplish this malicious manipulation. Difficult to do so without your knowledge, the thing is only possible in your absence, or on a device previously stolen.
Cold boot: an old flaw on the return
To demonstrate this vulnerability, F-Secure experts have released a video showing that a computer savvy individual can easily perform this hacking on most laptop PC models. In the end, the hacker gets all the information stored in the RAM of the PC at the time of its extinction.
In their blog, the researchers comment that “With the help of a simple tool, Olle and Pasi were able to rewrite the non-volatile memory chip containing the restart parameters. They were able to disable memory overwriting and allow booting from external devices. They were then able to lead a Cold boot attack, by running a specific program from a USB stick. “
Note that this attack had already been discovered in 2008 by technicians from the Electronic Frontier Foundation of Princeton University, but it was quickly forgotten after the development of an effective counter Trusted Computing Group.