Kamkar’s new exploit, PoisonTap, uses free software and a $5 Raspberry Pi Zero microcomputer. After attaching the Raspberry Pi to a USB adapter and plugging it in, the device goes to work. In all of 30 seconds, it bypasses your lock screen and begins installing a backdoor that works even after the device is removed from the USB port.
The article lists some ways to protect your machine, but misses the big one in my opinion. Don’t let anyone get their hands on your computer. 😉