$5 Tool Attacks Password-Protected Computers

Poisontap - SeniorDBA

A tool named PoisonTap, which runs freely available software on a $5 Raspberry Pi Zero device, intercepts all unencrypted Web traffic on the targeted computer. This includes any authentication cookies used to log in to private accounts. The device also installs a backdoor that makes the owner’s Web browser and local network remotely controllable by the attacker, and sends that data to a server under the attacker’s control.

Once the device is inserted in an unattended but locked Mac or PC (it hasn’t been tested on a Linux machine), it attacks the browser cache with malicious code that lives on well after the tool is removed. That makes this hack perfect for infecting computers while they are unattended in a public location.

You can read more here.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s