Kaspersky warns about using raspberry pi to hack networks

Security company Kaspersky has made another interesting finding in the past week. Apparently, a corporate network can be hacked very easily using a fairly basic hacking tool: A Raspberry Pi worth about $ 20 that can be set up in a few hours by someone with basic programming skills.

Raspberry Pi and other external devices could be used for hacking corporate networks

Raspberry Pi 3

The experiment carried out by Kaspersky involved the use of a Raspberry Pi configured as an Ethernet adapter, and which had the operating system slightly modified to incorporate some tools for stealing packets sent and received through the network and for data collection.

The company's security researchers have created a server to collect the data that the device would intercept, and the device powered by the Raspberry Pi would then be connected to the victim's computer to collect all of their data.

The results of the experiment were quite worrying, since the device was able to intercept the passwords of a corporate network at a speed of 50 passwords per hour - all of them hashed passwords, but with the possibility of being decrypted using known algorithms or used in pass-the-hash attacks.

This investigation was motivated by a true story of a cleaning worker who used a USB drive at the company he worked for in order to infect the entire network with malware.

Kaspersky said the attacks work because the victim's PC's operating system identifies the Raspberry Pi device as a wired LAN adapter, and gives it access to the network's data stream, regardless of whether it's Mac or Windows computers, although it seems that Linux PCs were not hacked by this trick.

Finally, Kaspersky recommends that business users always check the place for suspicious USB devices, as well as change passwords regularly or even enable two-step authentication.