Turn Your Arduino Into a (Fake) Honeypot

Redditor “bpoag” got a little bored the other night, so decided to write some code to turn an Arduino into a honeypot.

For those who may be unfamiliar with honeypots, these devices are meant to detect, deflect, or in some manner, counteract attempts at unauthorized use of information systems. Generally, it consists of data that appears to be a legitimate part of the site but is actually isolated and monitored, and that seems to contain information or a resource of value to attackers, which are then blocked.

Or as bpoag puts it, “a system which looks and feels like an ancient bank credit card processing gateway from the 1980's… complete with slow-speed 1200 baud, and uppercase-only text.”

This project is complete fake, a fake designed to convince any would-be hacker that they should spend their time further investigating this system. The login message is fake, the bank name is fake, even the error message is fake. It’s not even attempting to authenticate against anything; all that’s behind the login and password is a little 32KB Arduino Uno sitting on a desk.

To see it for yourself, just use PuTTY (or actual telnet) to m80.ddns.net, port 23.

bpoag has also set up a webcam, and connected a 16x2 LCD screen to the Arduno to show the login and password each hack attempt is using. Currently, it takes about seven or so minutes before someone else comes along and tries to gain access, showing just how quickly and frequently hack attempts into IoT devices occur.

So, how is this Arduino connected to the net? Super simple. I have a Raspberry Pi in the background running TCPSER — a program that acts as a software-emulated modem. The Arduino speaks over its serial port to the Raspberry Pi, and the instance of TCPSER handles the task of converting between TCP and Serial on the backend. From there, all I needed to do is open port 23 on my router, and point it to the TCPSER port..and voila.

If you’ve got an Arduino and a Pi lying around, bpoag was able to get this all up and running within about two hours. You can read more about this project on its Reddit thread here.