How to Hack a Computer from 100 Meters by Hijacking its Wireless Mouse or Keyboard

No matter how secure you think your computer might be, something malicious can always happen. As a Computer is an open book with right tools and talent.

The same is proved by a group of security researchers by hacking into a computer with no internet, and no Bluetooth devices.

Yes, it is possible for attackers to Hack Your Computer through non-Bluetooth devices such as your wireless mouse and keyboard and install Malware or Rootkit onto your machine.

That innocent-looking tiny dongle plugged into your USB port to transmit data between your wireless mouse, and the computer is not as innocent as it pretends to be.

What’s the Vulnerability?

Security researchers from the Internet of things security firm Bastille have warned that wireless keyboards and mice from seven popular manufacturers including Logitech, Dell, Microsoft, HP and Lenovo are…

…vulnerable to so-called MouseJack attacks, leaving Billions of computers vulnerable to hackers.

The flaw actually resides in the way these wireless mice and their corresponding radio receivers handle encryption.

The connection between the tiny dongle and the mouse is not encrypted; thus, the dongle would accept any seemingly valid command.

How to Hijack Wireless Mouse and Hack Computer?

Wireless mice and keyboards communicate via radio frequency with a USB dongle inserted into the PC. The dongle then sends packets to the PC, so it follows the mouse clicks or keyboard types.

While most wireless keyboard manufacturers encrypt traffic between the keyboard and the dongle in an effort to prevent spoofing or hijacking of the device.

However, the mice tested by Bastille did not encrypt their communications to the dongle, allowing an attacker to spoof a mouse and install malware on victim’s PC.

With the use of around $15-$30 long-range radio dongle and a few lines of code, the attack could allow a malicious hacker within 100 meters range of your computer to intercept the radio signal between the dongle plugged into your computer and your mouse.

The hacker can, therefore, send packets that generate keystrokes instead of mouse clicks, allowing the hacker to direct your computer to a malicious server or website in mere seconds.

During their tests, researchers were able to generate 1000 words/minute over the wireless connection and install a malicious Rootkit in about 10 seconds. They tested several mice from Logitech, Lenovo, and Dell that operate over 2.4GHz wireless communications.

Who are Affected?

The following is the list of the wireless keyboard and mouse manufacturers whose non-Bluetooth wireless devices are affected by the MouseJack flaws:

  • Logitech
  • Dell
  • HP
  • Lenovo
  • Microsoft
  • Gigabyte
  • AmazonBasics

Billions of PC users with wireless dongles from any of the above manufacturers are at risk of MouseJack flaw. Even Apple Macintosh and Linux machine users also could be vulnerable to the attack.

These mice are separate from Bluetooth mice that are not affected by this security issue.

Many Wireless Devices will Never Receive any Patch

The researchers have already reported the security issue to all the seven manufacturers, but as of today, only Logitech has released a firmware update that blocks MouseJack attacks.

However, there are a wide number of cheaper mice that don’t have updatable firmware, due to which all of them will remain vulnerable forever, which could be a major issue in business environments where peripherals are often utilized for several years before being replaced.

Although Lenovo, HP, Amazon, and Gigabyte did not comment, a Dell spokesperson advised the users of the KM714 keyboard and mouse combo to get the Logitech firmware patch via Dell Tech Support and the KM632 Combo users to replace their devices.

Here’s the list of affected devices, so if you are using one of them, it might be time to check for updates, and if not available, replace your existing peripheral.

For more in-depth knowledge, you can refer this white paper explaining technical details.

Via: thehackernews

Save pagePDF pageEmail pagePrint page

Leave a Reply

Your email address will not be published. Required fields are marked *