A new computer espionage tool built on the $35 Raspberry Pi microcomputer has been detailed in a presentation at this yearâ€™s BlackHat conference in Amsterdam. This highly-advanced hardware keylogger is small enough to fit into a laptop docking station and powerful enough to intercept keystrokes, sniff network traffic, take screenshots, and more.
The Raspberry PI is a credit card-sized computer with a 700 MHz ARM processor rigged with 512 MB of RAM â€“ enough to run its own operating system â€“ and is equipped with two USB ports, an Ethernet connection, HDMI and an array of general-purpose ports.
As detailed in the presentation by Andy Davis, the Dell docking station for Latitude E series of laptops provide enough room to cram the Raspberry PI microcomputer along with the cables and, possibly, with a 3G modem that will be used to siphon stolen data. This approach ensures the rogue network traffic does not get detected or blocked in the company network. Screenshots and unauthorized video camera captures can be recorded on a third device such as Videoghost, although this will add some $150 extra to expenses.
Building a PI-based spy tool is not as simple as plugging a readily-available keylogger into a target system: it requires some basic skills such as identifying the dockâ€™s internal ports and soldering a couple of wires to connect the Raspberry. However, once built, this setup runs completely transparent, is immune to antivirus solutions and relies on its own 3G connection to send the stolen data or to process incoming malicious requests.
So, next time you leave for your lunch break, make sure you donâ€™t leave your laptopâ€™s docking station unattended. If this is not an option, use an antitheft lock to strap the docking station to your desk.