Slashdot Mirror


A $5 Tool Called PoisonTap Can Hack Your Locked Computer In One Minute (vice.com)

An anonymous reader quotes a report from Motherboard: A new tool makes it almost trivial for criminals to log onto websites as if they were you, and get access to your network router, allowing them to launch other types of attacks. Hackers and security researchers have long found ways to hack into computers left alone. But the new $5 tool called PoisonTap, created by the well-known hacker and developer Samy Kamkar, can even break into password-protected computers, as long as there's a browser open in the background. Kamkar explained how it works in a blog post published on Wednesday. And all a hacker has to do is plug it in and wait. PoisonTap is built on a Raspberry Pi Zero microcomputer. Once it's plugged into a USB port, it emulates a network device and attacks all outbound connections by pretending to be the whole internet, tricking the computer to send all traffic to it. Once the device is positioned in the middle like this, it can steal the victim's cookies, as long as they come from websites that don't use HTTPS web encryption, according to Kamkar. Security experts that reviewed Kamkar's research for Motherboard agreed that this is a novel attack, and a good way to expose the excessive trust that Mac and Windows computers have in network devices. That's the key of PoisonTap's attacks -- once what looks like a network device is plugged into a laptop, the computer automatically talks to it and exchanges data with it.
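The cookie theft described in the summary only reaches cookies that the browser is willing to attach to plain-HTTP requests. As an added example (not code from the article or from PoisonTap), this Python script audits response headers for cookies set without the `Secure` attribute; the HSTS check goes beyond what the summary mentions, and the host names and header values are constructed for illustration.

```python
# Added example: constructed response headers, not captured from real sites.
SAMPLE_RESPONSES = {
    "shop.example": [
        "Set-Cookie: session=abc123; Path=/; HttpOnly",
        "Set-Cookie: prefs=dark; Path=/; Secure",
    ],
    "bank.example": [
        "Set-Cookie: sid=xyz789; Path=/; Secure; HttpOnly; SameSite=Lax",
        "Strict-Transport-Security: max-age=31536000; includeSubDomains",
    ],
}


def parse_set_cookie(value):
    """Return (cookie_name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs


def hsts_enabled(value):
    """True if a Strict-Transport-Security value carries max-age > 0."""
    for directive in value.split(";"):
        key, _, val = directive.strip().partition("=")
        if key.lower() == "max-age":
            return val.strip('"').isdigit() and int(val.strip('"')) > 0
    return False


def audit(responses):
    """Map host -> {'cleartext_cookies': [...], 'hsts': bool}."""
    report = {}
    for host, lines in responses.items():
        exposed, hsts = [], False
        for line in lines:
            header, _, value = line.partition(":")
            header = header.strip().lower()
            if header == "set-cookie":
                name, attrs = parse_set_cookie(value.strip())
                if "secure" not in attrs:
                    exposed.append(name)  # browser attaches it to http:// requests
            elif header == "strict-transport-security":
                hsts = hsts_enabled(value)
        report[host] = {"cleartext_cookies": exposed, "hsts": hsts}
    return report


if __name__ == "__main__":
    for host, result in audit(SAMPLE_RESPONSES).items():
        print(host, result)
```

A cookie listed under `cleartext_cookies` is one an on-path network device could read from an unencrypted request; a host with `hsts` set to `False` can still be asked for over plain HTTP by the browser.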

10 of 172 comments

  1. News at 11 by Anonymous Coward · · Score: 5, Informative

    Physical access to equipment trumps (Trumps, heheheh!) almost all security. News at 11.

    1. Re:News at 11 by lucm · · Score: 5, Insightful

      Physical access, browser running, and it only works if you use cookies on sites that don't require SSL.

      At that point it's probably best to invest that $5 in a box-cutter and force the user to give you their password.

      --
      lucm, indeed.
    2. Re:News at 11 by ilsaloving · · Score: 4, Insightful

      It's basically a MITM attack. There's no difference between this and using a malicious network router. In fact, that's exactly what this is. The only difference is that you're connecting directly to the computer and pretending to be a network adapter rather than it being something upstream.

      If a malicious actor has physical access to your PC, then this is the *least* of your worries. There are all sorts of things that could be done.

    3. Re:News at 11 by lucm · · Score: 5, Funny

      If a malicious actor has physical access to your PC, then this is the *least* of your worries.

      True. I don't even want to think about what Russell Crowe would do if he had physical access to my computer.

      --
      lucm, indeed.
  2. Okay... by 93+Escort+Wagon · · Score: 5, Informative

    "Once the device is positioned in the middle like this, it can steal the victim's cookies, as long as they come from websites that don't use HTTPS web encryption, according to Kamkar."

    While I do think the fact that this works at all is problematic... if you're doing anything non-trivial on any website which doesn't employ https, that information has likely been available to anyone who really wanted it already.

    --
    #DeleteChrome
    1. Re:Okay... by geekmux · · Score: 4, Insightful

      if you're using your computer and you didn't notice the paperback-sized device plugged into one of your USB ports, you may have other problems.

      Corporate users hardly notice anything odd plugged into their systems. I could set a bowling ball under their desk and they probably wouldn't ask about it for a month, because that's not their job. They're far too busy doing the other three jobs they maintain now.

      For those of us managing the average user community, the problem is far more systemic than you dismiss here. Behavior modification is one of the hardest jobs in Security.

  3. Obligatory xkcd by slazzy · · Score: 4, Funny
    --
    Website Just Down For Me? Find out
  4. There is some novelty here by davidwr · · Score: 5, Interesting

    Sure, you can do anything with physical access if you have some time on your hands.

    Sure, you can be persistent if you can leave something behind, like a modified keyboard.

    Sure, you can be persistent if you can install something, but that USUALLY requires either the ability to use the mouse or keyboard on an unlocked machine or tricking the user to do so for you.

    The novelty here is that it's a "plug it in, wait a few minutes, unplug it, and walk away" compromise, AND it doesn't make any permanent hardware changes such as blowing up your PC by sending a few hundred volts down the USB ports.

    It's also novel in that it exposes a design flaw that should've been noticed and widely discussed decades ago.

    By the way, am I the only one that remembers Thick Ethernet, aka 10BASE5, and its "vampire taps"?

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  5. Joke's on you by aonic · · Score: 5, Funny

    My Macbook doesn't have any USB ports!

  6. Obligatory xkcd by cfalcon · · Score: 5, Funny