10.2 C
Friday, February 9, 2024

Researchers Use Raspberry Pi Pico to Crack BitLocker

BitLocker is a pc program offered by Microsoft that customers can use to encrypt their total volumes, stopping unauthorized entry in case of machine theft.

Many organizations have been utilizing this safety characteristic to forestall information theft, stolen gadgets resulting in mental property theft, and plenty of different threats.

Nonetheless, researchers have discovered a novel approach that prices lower than $10, which defeats this BitLocker encryption characteristic. To do that, researchers used a Raspberry Pi Pico machine that took lower than a minute to supply entry to the encrypted volumes of the machine.


Shield Your Community From Information Breach

Forestall malware from infecting your community on the supply stage by intercepting malicious recordsdata in transit from their supply to the goal machine’s net browser..

Raspberry Pi Pico to Crack BitLocker

In response to the researcher, a Lenovo laptop computer was used for demonstration alongside a Trusted Platform Module separated from the CPU. This isn’t a typical situation in actual life.

Nonetheless, as soon as the BitLocker encrypted the machine’s bodily entry was gained, breaking the encryption was comparatively easy. The strategy concerned sniffing out the BitLocker key from the TPM since the secret’s handed from the TPM to the CPU throughout operation. 

As well as, the important thing handed from the TPM module shouldn’t be encrypted, making it very simple to realize entry to the encrypted quantity. Microsoft already knew and had claimed that these sorts of assaults had been potential and had been carried out in a number of situations. 

Microsoft’s BitLocker documentation states, “[BitLocker] Focused assault with loads of time; the attacker opens the case, solders, and makes use of refined {hardware} or software program.” To mitigate assaults, Microsoft suggests

  • Preboot authentication set to TPM with a PIN protector
  • Disable Standby energy administration and shut down or hibernate the machine earlier than it leaves the management of a licensed person. 

Moreover, a video demonstrating the methodology has been revealed, showcasing Raspberry Pi Pico’s capabilities and the vulnerability of BitLocker encryption.

Keep up to date on Cybersecurity information, Whitepapers, and Infographics. Observe us on LinkedIn & Twitter.

Latest news
Related news


Please enter your comment!
Please enter your name here