Hackers Can Hack Your Laptop In Less Than 30 Seconds
Hackers Can Hack Your Laptop In Less Than 30 Seconds: American multinational company, Intel, has just recovered from Meltdown and Spectre bugs. However, it looks like troubles for Intel doesn’t seem to end. Recently, a researcher from F-Secure, Harry Sintonen discovered another vulnerability that affects millions of corporate laptops.
Harry Sintonen has managed to find a serious bug in Intel’s Active Management Technology (AMT) which can be exploited by hackers to get complete control over the computer ‘in a matter of seconds’
However, unlike Spectre and Meltdown, this exploit needs to have the physical access to the device. Despite requiring the physical access, it’s still a critical flaw because hackers can compromise a laptop in just a few seconds to remotely control it by connecting to the same network.
Another worst thing about this new vulnerability is that it can be exploited even if some security measures are implemented like BIOS Password, TPM Pin, BitLocker or any antivirus product.
According to Harry Sintonen, BIOS password usually blocks malicious players. However, this flaw also opens the door to an alternative attack which can provide hacker the remote access to the system.
Harry Sintonen explained “By selecting Intel’s Management Engine BIOS Extension (MEBx), they can log in using the default password “admin,” as this hasn’t most likely been changed by the user. By changing the default password, enabling remote access and setting AMT’s user opt-in to “None”, a quick-fingered cyber criminal has effectively compromised the machine. Now the attacker can gain access to the system remotely,”
Hackers after gaining full access can not only read and modify data but can also deploy malware on the device without worrying anything about security solutions. Intel hasn’t responded to this new vulnerability. However, F-Secure recommends to put a strong Password for AMT or to disable the feature completely.
What’re your views on this new vulnerability? Discuss with us in the comments.
