PoisonTap is a fully automated proof-of-concept USB device which when connected to a locked PC, hacks the device and installs a backdoor onto users’ PC allowing attacker to access victims’ online activities. It takes less than a minute and costs about $5.
Coffee in the Café
Imaging you are in the popular café near your workplace, where everyone tends to frequent, and you get up to refresh your drink. Being security conscious, you lock your laptop before you get up. Gone for only 2 minutes, it was enough for a smooth attacker to come by and slyly insert a small device into your laptop’s USB drive and then moments later remove it and walk away without anyone suspecting foul-play. You return to your locked PC, none the wiser, and continue to work, never knowing you have just been hacked.
Samy Kamkar, the security researcher, built the working proof-of-concept (POC) on Raspberry Pi Zero and Node.JS. When installed, it siphons cookies, exposes internal router and installs a web backdoor.
Vulnerable USB Ports
USB ports and drives have always been an infection point for malware to gain a foothold on computers. The reason for this is that most computers will install plug-and-play drivers for USB devices without much scrutiny. This trust can be taken advantage of by hackers who present less-than-secure drivers as a way to get in. With access to the USB port, credentials can be stolen even when the screen is locked. Current exploits can work against Windows, OSx, and Linux operating systems.
A new generation of hacking USB drives are being developed, putting all our PC’s at risk while we step away for a moment or are distracted. They will get more powerful and virulent over time. Professionals are at risk while at conferences, meetings, coffee shops and other venues where potentially untrustworthy people are present. It could happen in public, while at a customer’s site, or even in your own work office. It can take as little as 13 seconds and in many cases less than a minute to compromise the system and install a backdoor for remote access by the attacker. PoisonTap is just one example of emerging technology which will enable anyone with physical access to a computer (USB port) to potentially harvest data and gain access by spoofing an internet ecosystem. Such bold and scary attacks highlight the need to incorporate both improved physical and cyber security aspects to properly manage the evolving risks.