One of the best ways to stay safe and secure when using your computers and other electronic devices is to be aware of the risks. For the past decade, that’s exactly what I’ve been doing.
Most of the risks are obvious: use strong passwords, don’t download and install software from untrusted websites, or hand over your unlocked device to a third party.
However, there are less obvious — yet equally dangerous — threats that can result in device or network intrusion, or even device destruction.
The tools that perform these actions can appear quite innocent and even resemble toys. But the fact that they can mix and match like ordinary pieces of technology makes these hacking tools particularly dangerous.
Here are seven bits of kit that look like ordinary tech gadgets, but are actually powerful hacking tools.
Note that none of these tools are specifically marketed as hacking tools. Instead, they are designed for security experts and penetration testers to assess companies’ security. But that doesn’t stop them — or similar tools — from being misused.
1. Flipper Zero
Flipper Zero looks like a children’s toy, all plastic and bright colors (eg Tamagotchi digital pets that will die or turn evil if you ignore them).
But underneath the fun exterior and dolphin virtual pet is a pen-testing Swiss Army knife, capable of all sorts of things, built-in infrared transceiver, sub-GHz wireless antenna, iButton/NFC/RFID reader/writer/emulator, and GPIO connectors, which allow the Flipper Zero to connect to other gadgets. There is also a USB port that can be connected to computers and smartphones.
This extensive capability means the Flipper Zero can be used to control objects with infrared remote control, clone RFID cards and NFC tags, capture and retransmit radio frequencies. Can be used to control objects, such as access barriers and even car locks, and connect to computers or iPhone and Android devices, which can be used to send keystrokes to the system. … well, a lot of what you can do with the keyboard.
And this is only the tip of the iceberg. For $169, Flipper Zero is a very capable tool.
2. O.MG cables
They look like regular charging cables, but have connectors built into one end. O.MG Cable is a small computer, which remains inactive until a cable is connected to a device such as a PC or Mac, or even an iPhone or Android smartphone. Then, when it connects, the computer wakes up and starts working.
The computer at the end of the O.MG cable acts like a miniature keyboard, outputting keystrokes to the device it’s connected to.
This hidden keyboard can do a lot of things that a keyboard operator can do. It can steal Wi-Fi passwords, copy files and move them to remote locations, delete files, plant spyware or malware and much more.
The capabilities of these cables are terrifying. The Elite version can connect to Wi-Fi, be programmed to trigger remotely, and even self-destruct, so the O.MG cable becomes a regular cable, allowing the technology to be hacked. It becomes difficult to identify the source.
Believe me when I say that these cables look, feel and work just like regular cables. They come in a choice of colors and connection types and blend in with your other cables.
Prices for one The O.MG cable ranges from $119 to $200, so they’re not cheap — and you definitely don’t want to mix these cables with your regular ones.
3. USB kill
USB kill The devices are small dongles that look like USB flash drives, but instead of storing data, they send circuit-busting electrical charges into the devices they’re plugged into.
Laptops, PCs, smartphones, and even TVs, network routers, and more that have a port are susceptible to being zipped by USB Kill.
The devices can be activated by pressing a button, using Bluetooth, running a time attack, or placing your hand over the device while wearing a secret magnetic ring.
These devices provide another reason to avoid putting random things in your devices.
4. USB Nugget
It is a simple and cheap, but very effective device.
Inside its tiny shell, the USB Nugget — which looks like a kitty — has everything it needs to release malicious payloads from whatever device it attaches itself to.
Thanks to the built-in ESP32–S2 Wi-Fi chipset, the device can be controlled remotely, so that a hacker does not have to be anywhere near the system.
5. Wi-Fi pineapple
It may look like a futuristic router, but it’s actually a sophisticated platform for executing wireless network attacks.
Using Wi-Fi Pineapple, you can create rogue access points and perform sophisticated man-in-the-middle attacks with the intent of stealing people’s login credentials.
Pineapple can also be used to monitor data collection from all devices in their immediate vicinity, and users can save and return to this data at a future date.
Pineapple can also be used to capture Wi-Fi handshakes, and this information can then be used to crack Wi-Fi access passwords. In short, pineapple is an incredibly powerful tool.
6. USB rubber ducky
A computer will trust the keyboard it’s plugged into because, well, humans use keyboards. Therefore, an easy way to attack the system is to get a device to pretend to be a keyboard and act as if it were a human typing.
If you’ve ever watched the TV show Mrs. Robot, you’ve seen the rubber duck attack. While we’ve already seen devices that can send keystrokes to a device, this tool is a dedicated one. Rubber ducky device.
While the tool looks like a normal flash drive, the rubber ducky can be programmed to “type” commands into any device it’s plugged into.
This tool is another reason why you shouldn’t just plug random things into your electronics. However, the rubber ducky is smart enough that someone can plug it into a device, leave it connected, and it can take days, weeks, or even months to find it.
7. LAN Turtle
On the outside LAN Turtle Looks like a normal USB Ethernet adapter, but inside is a tool that provides multiple ways for a hacker to see and then gain access to the network.
With a built-in microSD card holder, the LAN Turtle is a great tool for collecting interesting data traveling over the network.
LAN Turtle can scan the network, do DNS spoofing, and can even be set to send alerts when it sees certain patterns of network traffic.
Turtle is another one of those hacking tools that looks innocent and can remain undetected for a long time.
Credit : www.zdnet.com