This $5 USB device can hijack your computer in 30 seconds

PoisonTap can bypass the strongest passwords!


Tech Desk November 17, 2016
PoisonTap can bypass even the strongest passwords. PHOTO: SCREENGRAB/YOUTUBE

Samy Kamkar is a known figure in privacy and cyber security realm who has a knack for building incredibly inexpensive devices that can inflict serious harm to electronic systems. His latest creation is a small USB-connected gadget that can hack a password-protected computer in just 30 seconds.



Called the PoisonTap, the device is based on a $5 Raspberry Pi Zero microcomputer paired with free software that can hijack a computer and steal its data.

Google Pixel hacked by Chinese team within 60 seconds

Once plugged in, PoisonTap imitates itself as an Ethernet connection prioritised over the existing Wi Fi network. The computer is tricked into sending unencrypted web traffic, including HTTP authentication cookies to PoisonTap.

It installs a backdoor such that the device works even after its removed from the USB port. The gadget goes on to scan the data and is even capable of overcoming two-factor authentication.

However, there is a catch. PoisonTap only works if a computer's browser tab is open in the background!

Probe of leaked US NSA hacking tools examines operative's 'mistake'

Meanwhile, Kamkar has highlighted a few tips to save a computer from malicious devices:

1) Keep the computer in hibernate mode over sleep as it suspends all processes in the background

2) Close web browsers when your computer is idle and clear its cache regularly

3) Prevent access by disabling USB ports if you’re concerned about physical attacks to your computer

This article originally appeared on The Next Web

COMMENTS (1)

Mr Obvious | 5 years ago | Reply They should find Samy Kamkar and put him behind bars - creative people with no sense of right/wrong are a threat to the World.
Replying to X

Comments are moderated and generally will be posted if they are on-topic and not abusive.

For more information, please see our Comments FAQ

E-Publications

Most Read