Flashback: Is your power strip spying on you? Complex hacking device looks like extension cord


(Cyberwar.news) I’ve said often that the Information Age in which we currently find ourselves is turning out to be a double-edged sword when it comes to striking a balance between advancing our quality of life and preserving our freedoms.

Such is the case with a “new” product called a power strip.

Wait. I know. You’ve heard of power strips. Heck, you’ve probably got several of them in your home, powering your various electronic devices, television sets, DVD players, etc.

But did you know a company now makes a power strip that can actually spy on you.

According to Adrian Kingsley-Hughes at Forbes.com, this insidious new device looks, for all intents and purposes, like an ordinary power strip.

Evil piece of kit

The company, called Pwnie Express, manufactures a strip called the Power Pwn, which is described as “a fully-integrated enterprise-class penetration testing platform.”

“Through it’s (sic) ingenious form-factor and highly-integrated/modular hardware design, the Power Pwn covers the entire spectrum of a full-scale pentesting engagement, from the physical-layer to the application-layer,” the company says.

Hmmm. That’s highly technical talk and it’s too complicated except for a few tech gurus who can speak that language. According to Kingsley-Hughes: “This is an evil piece of kit.”

Some of the device’s features are:

— It is “unpingable” and there are “no listening ports in stealth mode” (my emphasis)

— It’s capable of carrying out “passive recon”

— It has 16GB of “internal disk storage” (for what?)

— “Maintains persistent, covert, encrypted SSH access to your target network”

According to Forbes, the power strip “could sit unnoticed in a home or work environment and yet be spying on an entire network.”

Sinister.

Another feature is an unlocked 3G/GSM adapter, which makes the strip compatible with GSM carriers in nearly every country on the planet.

“A hacker can communicate with the Power Pwn either over the web or via SMS text messaging, and it can be used to launch remote attacks against Wi-Fi, Bluetooth, and Ethernet networks,” says Kingsley-Hughes.

Back to the term “pentest.” That is short for penetration test, which is the method of evaluating the security of a network or computer system by simulating an outside hack attack.

“These tests are carefully designed and crafted to define any gaps in systems without causing any downtime or unnecessary security risks,” says a definition from Network Security Services, Inc., an IT security firm.

What in the world is this thing really for?

But really, is this device all that bad? Well, you be the judge. According to tech journal Wired.com, its development was seed-funded by a DARPA – the Defense Advance Research Projects Agency – program called Cyber Fast Track.

“Hidden inside are Bluetooth and Wi-Fi adapters, along with a number of hacking and remote access tools that let security experts prod and poke the network, and even call home to be remotely controlled via the cellular network,” says the Wired.com report.

PCWorld.com suggested the Power Pwn’s primary use is to conduct “covert government operations – a physical penetration testing tool to complement advanced malware attacks like Stuxnet and Flame.”

But whatever its real intentions, techies concerned about its capabilities say that no matter what, any attacker with about $1,300 (the suggested retail price of the device) can purchase one and deftly place it in your office to monitor/hack your systems.

“It’s time to take inventory of the outlet strips and surge protectors in your office. Mark them, label them, and otherwise identify them as your own, then implement a policy against using any unapproved or unauthorized power strips. Your network and your data might depend on it,” says PCWorld.com.

Reporting by J.D. Heyes, NaturalNews.com.

Sources:

http://www.forbes.com
http://pwnieexpress.com/products/power-pwn
http://www.cft.usma.edu/
http://www.pcworld.com

Cyberwar.news is part of the USA Features Media network. Check out our daily headlines here.

value="Enter your email address here..." style=" border-radius: 2px; font: 14px/100% Arial, Helvetica, sans-serif; padding: .2em 2em .2em;" onfocus="if(this.value == 'Enter your email address here...') { this.value = ''; }" onblur="if(this.value == '') { this.value = 'Enter your email address here...'; }" />

style="display: inline-block;

outline: none;

cursor: pointer;

text-align: center;

text-decoration: none;

font: 14px/100% Arial, Helvetica, sans-serif;

padding: .2em 1em .3em;

text-shadow: 0 1px 1px rgba(0,0,0,.3);

-webkit-border-radius: .2em;

-moz-border-radius: .2em;

border-radius: .2em;

-webkit-box-shadow: 0 1px 2px rgba(0,0,0,.2);

-moz-box-shadow: 0 1px 2px rgba(0,0,0,.2);

box-shadow: 0 1px 2px rgba(0,0,0,.2);"

>



Comments
comments powered by Disqus

RECENT NEWS & ARTICLES