PoisonTap is built for the $5 Raspberry Pi Zero without any additional components other than a micro-USB cable & microSD card. It’s entirely automated. You plug it in, you leave it there for a minute, then you pull it out and you walk away. You don’t even need to know how to do anything! PoisonTap produces a cascading effect by exploiting the existing trust in various mechanisms of a machine and network, including USB/Thunderbolt, DHCP, DNS, and HTTP, to produce a snowball effect of information exfiltration, network access and installation of semi-permanent backdoors. The Attacker/spy plugs PoisonTap into a locked computer, and even when the computer is password protected all the data on your system is compromised. PoisonTap will respond to the DHCP request and provides the machine with an IP address, however the DHCP response is crafted to tell the machine that the entire IPv4 space (0.0.0.0 – 255.255.255.255) is part of the PoisonTap’s local network, rather than a small subnet (eg 192.168.0.0 – 192.168.0.255).