Security researcher Samy Kamkar has announced that a new hacking tool—PoisonTap—can be loaded onto a USB stick and used to hijack the Internet connection of one’s computer.
The way it works is that if someone leaves their computer unattended, a hacker can stick the USB drive into the unattended laptop and although the individual may be accessing information through a VPN, PoisonTap takes over the Internet traffic, and continues to work even after the USB drive is removed.
According to Kamkar, when PoisonTap is introduced into a device, it masquerades as an Ethernet device and requests the IP address, even if it is locked or password protected. Then the computer sends all of its Internet traffic though PoisonTap. It will scoop any requests to the Web and steal cookies from over 1 million web sites, which can allow the attacker to automatically log into sites without using a username or password. It can also redirect requests to the attacker’s site, which gives the attacker control over browsing.
The tip in response to this new attack?
Do not ever leave your laptop unattended (like on the train or in any other public place like a coffee shop). As we have mentioned before, review and put in place procedures that limit employees’ ability to introduce any foreign USB drives into the network, and provide employees education around the risks of USB drives, including PoisonTap.