Paranoid about “Evil Maid” Attacks? Ex-NSA Hacker Releases an App that Promises to Protect You
We may want to hide under the Egyptian cotton sheets believing that the hotel room that you have booked for no more than a week is safe, cozy, and even more comfortable than your home. But all these luxuries that come with a price also include a free shot of insecurity. So-called “evil maid” attack is one of the most well-known attack techniques that security experts, politicians, journalists, and other targets are warned about when staying at hotels.
An attacker usually sneaks into the target’s hotel room with or without the help of hotel staff with a goal to tamper with the target’s laptop. While most attackers wait for the time their targets leave their hotel rooms, in the case of Patrick Wardle – a former NSA hacker – he was lured into a Tinder date in Moscow.
Considering his background in the elite hacking unit known as Tailored Access Operations, he was already cautious enough to fly to Russia to attend a cybersecurity event with a burner PC devoid of any sensitive data. However, when his date told him she was a former Ministry of Foreign Affairs employee, he started getting worried if he had been lured out of his room and someone was targeting him under the obnoxiously-titled “evil maid” attack.
While Wardle never found an answer to this question or any evidence that his laptop was tampered with, he was inspired to create an app that will alert users if someone messes up with their MacBook.
Do Not Disturb app promises to alert you when someone opens your MacBook in your absence
“The majority of ‘evil maid’ attacks require an active, awake computer,” Wardle told Wired. “So Do Not Disturb runs on your Mac and monitors for lid-open events, which are kind of a generic precursor for a lot of physical-access attacks.”
Do Not Disturb basically sends users a notification as soon as someone opens the lid of their computer. It also allows you to take a photograph of the person trying to use your computer through the webcam, shut the computer off remotely, record screen activity, and keep logs of commands executed on the machine.
“If someone tries to break into your device, it alerts you.”
However, a savvy attacker can disable WiFi connection to the computer to block it from sending the notification. In such cases, it will still store the evidence on the laptop itself. Wardle said that “any security tool has limitations and weaknesses, and anyone who says otherwise is trying to sell you snake oil.”
Wardle’s isn’t the only solution to these attacks. Edward Snowden – another ex-NSA contractor – had also released an Android app that aims to take “surveillance technologies in smartphones and flip them on their head.”
This Do Not Disturb Mac app will be released for free. However, the accompanying iOS app – once approved – will go for $9.99 annual subscription. Users can avoid paying that by receiving email notifications and not using the app that offers added features.