Tuesday, April 1, 2025
HomeCyber Security NewsResearchers Use Raspberry Pi Pico to Crack BitLocker Under a Minute

Researchers Use Raspberry Pi Pico to Crack BitLocker Under a Minute

Published on

SIEM as a Service

Follow Us on Google News

BitLocker is a computer program provided by Microsoft that users can use to encrypt their entire volumes, preventing unauthorized access in case of device theft.

Many organizations have been using this security feature to prevent data theft, stolen devices leading to intellectual property theft, and many other threats.

However, researchers have found a novel technique that costs less than $10, which defeats this BitLocker encryption feature. To do this, researchers used a Raspberry Pi Pico device that took less than a minute to provide access to the encrypted volumes of the device.

Document
Protect Your Network From Data Breach

Perimeter’s 81 Malware Protection for Network Based Threats

Prevent malware from infecting your network at the delivery stage by intercepting malicious files in transit from their source to the target device’s web browser..

Raspberry Pi Pico to Crack BitLocker

According to the researcher, a Lenovo laptop was used for demonstration alongside a Trusted Platform Module separated from the CPU. This is not a common scenario in real life.

However, once the BitLocker encrypted the device’s physical access was gained, breaking the encryption was relatively simple. The method involved sniffing out the BitLocker key from the TPM since the key is passed from the TPM to the CPU during operation. 

In addition, the key passed from the TPM module is not encrypted, making it extremely simple to gain access to the encrypted volume. Microsoft already knew and had claimed that these kinds of attacks were possible and were carried out in several scenarios. 

Microsoft’s BitLocker documentation states, “[BitLocker] Targeted attack with plenty of time; the attacker opens the case, solders, and uses sophisticated hardware or software.” To mitigate attacks, Microsoft suggests

  • Preboot authentication set to TPM with a PIN protector
  • Disable Standby power management and shut down or hibernate the device before it leaves the control of an authorized user. 

Furthermore, a video demonstrating the methodology has been published, showcasing Raspberry Pi Pico’s capabilities and the vulnerability of BitLocker encryption.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

Sliver Framework Customized Enhances Evasion and Bypasses EDR Detection

The Sliver Command & Control (C2) framework, an open-source tool written in Go, has...

Ransomware Threatens 93% of Industries— Resilience Is Critical

Ransomware continues to be one of the most disruptive cyber threats, with recent data...

New Surge of IRS-Themed Attacks Targets Taxpayers’ Mobile Devices

As the U.S. tax filing deadline approaches, cybercriminals are intensifying their efforts to exploit...

KoiLoader Exploits PowerShell Scripts to Drop Malicious Payloads

Cybersecurity experts at eSentire's Threat Response Unit (TRU) uncovered a sophisticated malware campaign leveraging...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Sliver Framework Customized Enhances Evasion and Bypasses EDR Detection

The Sliver Command & Control (C2) framework, an open-source tool written in Go, has...

Ransomware Threatens 93% of Industries— Resilience Is Critical

Ransomware continues to be one of the most disruptive cyber threats, with recent data...

New Surge of IRS-Themed Attacks Targets Taxpayers’ Mobile Devices

As the U.S. tax filing deadline approaches, cybercriminals are intensifying their efforts to exploit...