PoisonTap: A $5 Hacking Device
Technology may be used for good or bad reasons and today the development of tech allows a larger number of people to use hacking devices without much knowledge of the tech. Every day, newer and more complex security systems are being developed. However at the same time, these new technologies are also being used to bypass this security. Hardware hacker Samy Kamkar, has proved this with his new computer hacking device called PoisonTap, which is available for just $5!
PoisonTap comprises of the Raspberry Pi Zero microcomputer, which has a USB adaptor, microSD card slot and an HDMI port. For a price of just $5, this tiny device can certainly cause a lot of havoc. The software for the device is provided for free.
The hacking device can be used against any system, whether it runs on Linux, Windows or Mac OS. PoisonTap works by creating a backdoor entry that can be used to enter any computer, whether it is locked or not, in under 30 seconds. The backdoor can then be used by the hacker to steal HTTP authentication cookies that are used to access private sessions and accounts, and even as a way to intercept traffic. All that is needed to do this is for a webpage loading unencrypted data or a browser tab to be open.
One of the many concerns that have arisen about how this hacking device can be misused, is that this makes stealing Bitcoins fairly simple. By evading the two-factor authentication and simply logging into the Bitcoin wallet, with the authentication cookies, the entire wallet can be transferred to the hacker’s account in seconds.
The only setback of this device is that in order for a hacker to attack the computer, he or she must be in front of the machine so that device can be plugged into a USB port.
To protect yourself from such malicious attacks from PoisonTap, you can take several precautions. First be sure to not leave your computer on and unattended and if you must leave it unsupervised, close all browsers and keep the computer on hibernate instead of sleep mode. Additionally you can also disable the USB drives, clear the cookies and browser caches or simply use a complete disk encryption for devices that have more sensitive information.
While these suggestions may not be very practical even at the best of times, they are essential if you are concerned about the security of your device.
You might also like –
Picture courtesy – gadgets360cdn.com, sci-tech-today.com
by techtalks @TechTalks December 2, 2016 9:54 AM UTC