There is now a small device that can be used for hacking into screen-locked Mac computers and computers from other brands, and it just costs $5 to make. The device is called PoisonTap and it is running on a Raspberry Pi Zero.
MacRumors reported Monday that the creator of the device, Samy Kamkar, showed off its functionality via a YouTube-uploaded video. The device is made up of a $5 Raspberry Pi Zero and a USB port connector. When it is attached to a computer, PoisonTap hijacks web traffic by tricking the device to believe that it is a standard internet connection. Then, it begins siphoning and storing the HTTP cookies of the user.
Stolen cookie data can be used by an attacker in accessing websites that have been visited by the owner of the computer. The attacker can use the data in logging in various sites because the stolen data includes username and password details. Therefore, the attacker can remotely access a person’s subscription accounts without the latter’s permission.
Given its use, Trend Micro security researcher Rik Ferguson said that PoisonTap is a threat to computer users who leave their devices unattended. “[In normal circumstances] Even when you are not using a web browser it is still making requests and communicating — due to updates or ads. Once the device is plugged in it exploits that communication and steals session cookies from the top one million websites,” Ferguson told the BBC.
Mac owners are also vulnerable even when they have two-step verification because PoisonTap has the ability to intercept cookies and pretend that it’s giving the system the correct pages until the system grants it remote access to the web browser. This explains why Inverse calls PoisonTap a "diabolical dongle."
The only known way of preventing the hacking device from penetrating the system is for the computer owners to use encrypted connection like HTTPS. It also helps if users close the browser whenever they leave their computers unattended.