After reading this article, you’ll think twice about going out to lunch while leaving your computer unattended at the office. The new tool that makes it effortless for hackers to log onto websites posing as you, getting access to your network router, and launching other attacks.
The new $5 device known as PoisonTap, created by hacker and developer Samy Kamkar, can even break into password-protected computers, as long as there’s a browser open in the background. It costs hackers just $5 and only 30 seconds to hack into any computer. Samy Kamkar has devised a cheap exploit tool, this time that takes just 30 seconds to install a privacy-invading backdoor into your computer, even if it is locked with a strong password.
All the work a hacker has to do is plug in the device and wait for a while. It takes less than a minute, and other than plugging it in and removing it, no other skills are required.
How PoisonTap Works:
Built on a Raspberry Pi Zero microcomputer, once PoisonTap is plugged into a USB port, it emulates a network device and attacks all outbound connections by pretending to be the whole internet, tricking the computer to send all traffic to it. If that’s not alarming enough, after the device is positioned, it can steal the victim’s cookies, as long as they come from websites that don’t use HTTPS web encryption.
Acting as a man-in-the-middle, the device then begins stealing any HTTP authentication cookies that you’d use to log into private accounts, as well as session data from a million of the web’s top sites. Due to the way it’s designed, two-factor authentication might not help.
Security experts that reviewed Kamkar’s research for Motherboard agreed that this is a novel attack, and a good way to expose the excessive trust that Mac and Windows computers have in network devices. That’s the key of PoisonTap’s attacks once what looks like a network device is plugged into a laptop, the computer automatically talks to it and exchanges data with it.
What Does The Hacking Tool Do?
The hacking tool also allows an attacker to install persistent web-based backdoors in HTTP cache for hundreds of thousands of domains, making the victim’s Web browser as well as local network remotely controllable by the attacker. The attack also allows “an attacker to remotely force the user to make HTTP requests and proxy back responses (GET & POSTs) with the user’s cookies on any backdoored domain,” Kamkar said.
Watch the Demonstration Video:
Kamkar does have a few tips to protect yourself, although most aren’t all that practical:
- Set your computer to hibernate, rather than sleep. In hibernation, the computer suspends all processes.
- Close your web browser each time you walk away from your machine.
- Regularly clear your browser cache.
- Use full-disk encryption and your device’s hibernation mode.
- Disable the USB ports
One solution is to completely shut down your computer when you walk away from it, or at lease close your browser, since PoisonTap needs to piggyback on it in order to work. At the network level, websites that use HTTPS are immune to such a hack, another reason why the entire internet should be encrypted.
Complete information about the tool – here