A security specialist and a blogger, Rob Fuller, demonstrated a new way to steal user’s credentials for entering the system. This attack can be used on both Mac and Windows. It takes about 13 seconds to hack into your computer using this method.
The hacking is possible after user logged into the system and then locked the screen.
The only tool that Fuller uses is Plug-and-Play USB Ethernet adapter. However, the adapter must be must be modified in advance. Low-level programming modifications allow the adaptor to act as a network gateway, a WPAD (Web Proxy Auto-Discovery) server, and a DNS server for the target machine. The hacking is possible due to Plug-and-Play technology mainly. Computers, both Windows and Mac, automatically install PnP devices allowing them to access the system and sharing some system information with them automatically. Fuller notes that the process happens even if the lock screen is on. Even though, interaction with the system when it is locked is limited. The system will not activate every PnP device. However, apparently, Ethernet adapters are in so-called “white list”.
While the system installs PnP device, the it shares user’s credentials that are necessary for the installation. Fuller’s code allows to capture this data and save it in SQLite database. The device is even equipped with an LED-light that lights up after the data was intercepted.
Even though, the threat of this attack should not be overrated. The hacking requires physical access to the system. Yet, it requires only 13 seconds to attain user’s credentials. Fuller tested the device on following systems: Windows 98 SE, Windows 2000 SP4, Windows XP SP3, Windows 7 SP1, Windows 10 (Enterprise, Home), OS X el Capitan, OS X Mavericks.
Stay in touch with our London IT Support service to know the latest news and keep yourself protected.