Samy Kamkar had built a device that is called Poison Tap. It is a Raspberry Pi Zero which plugs into the victims USB port. The device that looks like an Ethernet connection, your computer inherently trusts this connection and this is where the exploit starts.
emulates an Ethernet device over USB (or Thunderbolt)
hijacks all Internet traffic from the machine (despite being a low priority/unknown network interface)
siphons and stores HTTP cookies and sessions from the web browser for the Alexa top 1,000,000 websites
exposes the internal router to the attacker, making it accessible remotely via outbound WebSocket and DNS rebinding (thanks Matt Austin for rebinding idea!)
allows attacker to remotely force the user to make HTTP requests and proxy back responses (GET & POSTs) with the user’s cookies on any backdoored domain
does not require the machine to be unlocked
backdoors and remote access persist even after device is removed and attacker sashays away