Skip to main content

Damaging hacking tools could be yours for just £15

(Image credit: Image source: Shutterstock/Ai825)

If you have £15 spare and some ‘basic programming knowledge’, you can create a powerful hacking tool that can collect huge amounts of user credentials, easily. The best part about it is that you don’t even need to use any malware or viruses – everything can be clean as a whistle. 

The news was revealed by security experts Kaspersky Lab, which was able to create such a device using a Raspberry-Pi microcomputer that was then configured as an Ethernet adapter.

With a few simple modifications to the OS running the machine, and with the help of a few publicly available packet sniffing, data collection and processing tools, they were able to set up a server to collect intercepted data. 

The conclusion is that attacked machines can easily be fooled into seeing the Raspberry-Pi computer as a LAN adapter, automatically assigning it higher priority and giving it access to data exchange in the network.  

“As a result, researchers were able to collect authentication data sent by the attacked PC and its applications, as they tried to authenticate domain and remote servers. In addition, researchers were also able to collect this data from other computers in the network segment,” Kaspersky Lab said in a press release.

“There are two major things that we are worried about as a result of this experiment: firstly – the fact that we didn’t really have to develop the software – we used tools freely available on the Internet. Secondly – we are worried about how easy it was to prepare the proof of concept for our hacking device. This means that potentially anyone, who is familiar with the Internet and has basic programming skills, could reproduce this experiment. And it is easy to predict what could happen if this was done with malicious intent. The latter is the main reason why we decided to draw public attention to this problem. Users and corporate administrators should be prepared for this type of attack”, said Sergey Lurye, a security enthusiast and co-author of the research at Kaspersky Lab.

Image source: Shutterstock/Ai825

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.