The R70 device that can hack any locked computer
A new $5 tool called PoisonTap allows an attacker to break into your password-protected computer, as reported by Motherboard.
The device was created by developer Samy Kamkar, and can access a locked PC as long as there is a browser open in the background.
The PoisonTap is based on a Raspberry Pi Zero, with an attacker only required to plug it in and wait – it is fully automated.
“You plug it in, you leave it there for a minute, then you pull it out and you walk away. You don’t even need to know how to do anything,” Kamkar told Motherboard.
One the device is plugged into a PC via a USB port, it emulates a network device and attacks all outbound connections by pretending to be the “whole Internet”.
This allows an attacker to steal the victim’s cookies, as long as they come from websites that don’t use HTTPS web encryption.
Security experts said that while the device may not cause huge concern, it was important to remember that allowing physical access to your PC is dangerous – even if it is locked.