A USB device is all it takes to steal credentials from locked PCs

Most users lock their computer screens when they temporarily step away from them. While this seems like a good security measure, it isn’t good enough, a researcher demonstrated this week.

Rob Fuller, principal security engineer at R5 Industries, found out that all it takes to copy an OS account password hash from a locked Windows computer is to plug in a special USB device for a few seconds. The hash can later be cracked or used directly in some network attacks.

For his attack, Fuller used a flash-drive-size computer called USB Armory that costs $155, but the same attack can be pulled off with cheaper devices, like the Hak5 LAN Turtle, which costs $50.

To read this article in full or to leave a comment, please click here