BitLocker is a computer program provided by Microsoft that users can use to encrypt their entire volumes, preventing unauthorized access in case of device theft.
Many organizations have been using this security feature to prevent data theft, stolen devices leading to intellectual property theft, and many other threats.
However, researchers have found a novel technique that costs less than $10, which defeats this BitLocker encryption feature. To do this, researchers used a Raspberry Pi Pico device that took less than a minute to provide access to the encrypted volumes of the device.
Prevent malware from infecting your network at the delivery stage by intercepting malicious files in transit from their source to the target device’s web browser. .
According to the researcher, a Lenovo laptop was used for demonstration alongside a Trusted Platform Module separated from the CPU. This is not a common scenario in real life.
However, once the BitLocker encrypted the device’s physical access was gained, breaking the encryption was relatively simple. The method involved sniffing out the BitLocker key from the TPM since the key is passed from the TPM to the CPU during operation.
In addition, the key passed from the TPM module is not encrypted, making it extremely simple to gain access to the encrypted volume. Microsoft already knew and had claimed that these kinds of attacks were possible and were carried out in several scenarios.
Microsoft’s BitLocker documentation states, “[BitLocker] Targeted attack with plenty of time; the attacker opens the case, solders, and uses sophisticated hardware or software.” To mitigate attacks, Microsoft suggests
Furthermore, a video demonstrating the methodology has been published, showcasing Raspberry Pi Pico’s capabilities and the vulnerability of BitLocker encryption.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
Resecurity, a global leader in cybersecurity solutions, unveiled its advanced Government Security Operations Center (GSOC)…
Zloader, a sophisticated Trojan, has recently evolved with features that enhance its stealth and destructive…
The US Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned Sichuan Silence Information…
DMD Diamond - one of the oldest blockchain projects in the space has announced the start…
Researchers reported a phishing attack on December 4th, 2024, where malicious emails purportedly from the…
The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has confirmed an advanced cyber attack…