A new ‘Cold Boot Attack’ vulnerability has been found on Macs and Windows laptops and it puts user data at risk, essentially allowing hackers to steal data from these computers. The so called cold boot attack involves targeting a computer and stealing data from it while it is powered off. The firmware exploit affects these machines because of the way they overwrite data when they are turned off.
The vulnerability has been discovered by F-Secure, according to which Macs that have FireVault encryption feature turned on are also vulnerable. Perhaps the only reassuring thing about this vulnerability is that it requires the attacker to have physical access to a computer to be able to attack it. However if an attacker has access to the computer, the flaw is ‘easy to exploit’. Even though it has been discovered by F-Secure now, the people who uncovered this exploit note that they will be surprised if hacker groups are not aware of this technique already.
“It takes some extra steps,” said Segerdahl, but the flaw is “easy to exploit.” So much so, he said, that it would “very much surprise” him if this technique isn’t already known by some hacker groups.
Researchers who made the discovery had already shared the details about this vulnerability with Apple, Microsoft and Intel. Apple has already solve this issue on T2 chip equipped Macs, so iMac Pro and 2018 MacBook Pros are not vulnerable. Apple is also said to be working on fixing this bug on Macs that don’t have the T2 chip. (TechCrunch)