Do you ever leave your computer unattended because you feel confident that your login password will keep people out? You might want to think again. Recently, a Los-Angeles based software engineer named Samy Kamkar designed a piece of… well… software that he calls Poison Tap. Poison Tap is designed to bypass any password locked computer and opens the machine to remote access without the user knowing anything about it.

Poison Tap was designed to be ran on a $5 device called Raspberry Pi Zero. A Raspberry Pi Zero is a minuscule computer that can fit in the palm of your hand. Utilizing a Pi Zero, USB adapter, and of course the Poison Tap software itself anyone can compromise your computer in a matter of just sixty seconds. That is a brief time to be away from your computer, so it makes this hack particularly dangerous for a large portion of computer users.

Once plugged into a computer Poison Tap makes the target system think that it is connected to a network. It then hijacks all unencrypted network traffic from a web browser that is open on the computer even while locked and/or asleep. The software then injects HTML into the open web browser pretending to serve up the correct pages to the system. The computer is then forced to take in JavaScript code and stores it in the web cache at the same time granting remote access to the computer’s browser.

After this process is complete, Poison Tap acquires and collects all of the target user’s unencrypted login cookies. The hacker can then proceed to use the stolen cookie data to access all websites the user visited using the user’s own login details. The only positive aspect of this attack is that cookies from sites visited that were secure (https://) are unable to be obtained through the attack.

Now that Poison Tap has been used in the wild, we suggest a few security measures. First, and the most easy to implement, is to not leave your computer unattended. Second, we suggest completely closing your web browser prior to shutting your computer’s lid. In all main stream web browsers (Chrome, Edge, FireFox, etc…) you have the ability to pick up where you left off after closing the browser. Lastly, we suggest that you clear your browsing history on a regular basis.

Poison Tap throws out the conventional thought of first layer computer security. The software’s ability to bypass standard security measures such as password protection, two-factor authentication, DNS pinning, and more, even when the system is locked and/or sleeping is very concerning. Following our suggestions will help you in defending your system from would-be hackers attempting to open the Poison Tap on your unsuspecting computer.

For a more detailed breakdown, please visit the software developer’s site.

 

poison_tap_plug

 

 

 

Posted by Shawn Thornton

My name is Shawn and my professional background is in Project Management and Information Technology. I received my Bachelor of Science in Management and Marketing from the Merrick School of Business at the University of Baltimore. I am currently attending school to prepare me for a Master’s program in Cyber Security. I enjoy anything tech.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s