Keep Your Computer Close: PoisonTap Can Unlock It Almost Instantly

By Gary Davis on Nov 21, 2016

It’s never a good idea to leave your computer unattended. Since it carries mounds of valuable data, an unchaperoned computer is essentially an open invitation to theft or a hack. And while a password is usually a reliable barrier for blocking an attacker from getting inside your computer, there’s a new device that now renders that password useless. It’s called PoisonTap: it’s 5 dollars and can unlock your computer within 30 seconds.

Created by Samy Kamkar—the engineer behind other low-cost hacks such as a keylogger disguised as a USB charger—PoisonTap, a payment card-sized device, installs a privacy-invading backdoor as soon as it’s plugged in to either a Mac or PC. Yes, it can do this even when the machine is locked with a strong password.

Once it’s in, it covertly poisons the browser cache with malicious code that can live on, even after the tool is removed. Then, intercepting all unencrypted Web traffic, the device sends that data to a server under the attacker’s control.

This makes the cybercriminal the puppet master of your entire Web browser, or even worse, the connected router. Though crooks must actually overcome the password protection on the exposed router, unpatched authentication vulnerabilities or default credentials on many models make this a fairly simple task.

Beyond being easy, the overall process is cheap and quick, too – which makes PoisonTap one of the most dangerous and alluring devices out there for attackers. With PoisonTap ready to spread like wildfire, it’s pertinent to treat the device as an important reminder to us all about the risk of leaving a computer, even a password-protected one, unattended. It’s a crucial habit to break, both in the office and at home.

Source: YouTube/Samy Kamkar

Beyond remaining aware of your device’s whereabouts, here are a few other tips on how to stay safe in the face of Web browser attacks:

  1. Use sites protected by HTTPS encryption. Look for “HTTPS” in the prefix of the URL you are visiting. These sites use authentication to protect the privacy and integrity of exchanged data. Therefore, if you limit your internet searches to these protected sites, you’re better securing whatever data you’re entrusting that site with.
  2. Close your browser before locking down your computer. If you do need to leave your computer unattended for a moment, at minimum make sure to close out all browsers before locking it down. Mac users should enable FileVault 2 and put their machine to sleep before walking away, since browsers are unable to make requests in that state.
  3. Clear your cache often. It’s always healthy to regularly flush out your browser. Though it’s not the most powerful measure, you could still use this practice to clean out some potentially compromising data in case you were ever attacked.
  4. Secure every path to the Internet. Beyond your computer, you own many devices that have multiple Web gateways. Protect them all with McAfee Web Protection, to block internet threats and browse freely. 

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee on Twitter, and ‘Like’ us on Facebook.

gary

About the Author

Gary Davis

Gary Davis was previously McAfee's Consumer Security Evangelist providing security education and advice to businesses and consumers. He is a sought-after speaker on trends in digital security, appearing at conferences and events, as well as security and consumer lifestyle broadcast outlets and publications such as ABC, NBC, FOX, the Wall Street Journal, USA Today, Money ...
