A new rogue USB-to-Ethernet special adapter, that can assist attackers and hackers to perform an extraction of your computers credentials, even if your computer is locked, has surfaced.
While we lock our computers to assist in protecting our personal information from the public, that doesn’t hold up strong with this new USB extraction device. This USB-to-Ethernet adapter will allow hackers to unlock computers running on Windows or Mac OS X, stealing personal information. This is something that a simple $50 adapter will be able to do in just a couple of seconds – which comes off as extremely alarming.
Typically speaking, we, as avid computer users, often lock our computers when we go away. However, Rob Fuller has proven this technique to be…well, useless.
Fuller, the principle security engineer for R5 Industries, has been able to identify how the cyber criminals can utilize a special USB device to copy the targeted operating system account’s password hash. Even if your computer is locked, this device only takes a matter of seconds to accomplish its task.
This act is not quite as difficult to perform, due to the operating system’s ability to identify and even install the proper drivers for any and all new USB devices attached to the computer. This also includes Ethernet cards, even though your computer may remain in a locked state. The Ethernet cards, either wired or fast, are then configured automatically as the computers main default gateway portal.
Just take a quick second and assume that Hacker A will be plugging in a USB-to-Ethernet adapter onto Target A’s computer, which is running a Windows based operating system. This adapter will not only be automatically installed, but the computer will then set the new Ethernet adapter as the new main line of network interface.
While using the DHCP (Dynamic Host Configuration Protocol), your computers main operating system will configure the selected network card’s settings as soon as a new network card is installed. This translates to the cyber-criminals attempting to steal your information can now do so easily, using a rogue computer that is connected to the other end of that network cable. The attacker’s computer will act as a type of DCHP server. If configured correctly, you will still be able to get online and surf the Internet like nothing has happened. This then leaves more information exposed to the attacker. With this configuration, we can easily assume that the attacker is now in a position to be in an extremely privileged “Man-in-the-Middle” to further tamper, or even intercept, your incoming and outgoing traffic on the targeted computer.
Your typical computer, even if it is locked, will still continue to generate network traffic, thus, making it that much easier for hacktivists to extract even more information, such as account names and stored hash passwords. From start to finish, a hacker can perform this entire attack in just under 13 seconds.
Fuller highly recommends that active computer users never leave their computers logged in, even if the screen is locked.
Please watch this short YouTube video below in order to see what is involved…
You can follow Fuller’s feed posts from here to get more insight information about computer security and how to protect yourself.
Sources: YouTube, Hack Read, Room362 (Fuller’s Posts).
This article (USB Device to Steal Information, even if PC is Locked) is a free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author and AnonHQ.