Believe it or not, your wireless mouse is as vulnerable to hacking as the computer it is connected to. That’s right, there’s a new cyber crime out there and it’s called “MouseJacking.”
Whether you’re using a desktop, a laptop, a PC or a Mac, you’re at risk if you’re using a wireless mouse and keyboard to do your work—and it doesn’t matter whether you’ve purchased it from Dell, HP, Amazon, Microsoft, Logitech, Lenova or Gigabyte.
According to Mark Newlin, the Bastille researcher who first discovered the crime, “The weakness lies in the protocols used between the devices and the USB wireless receivers attached to host computers.” Apparently, the wireless devices can be hacked from 100 yards away. Once in, the hackers can make the host machines and available networks open to all sorts of malware.
So far the company has only tested the above-mentioned producers of the tech, but they claim other vendors’ gear could also be at risk. Many of the companies whose products have been affected have already begun issuing patches—while others have promised that they are in the process of doing the same. The widespread issue has many users on edge, because their devices could be encrypted and therefore susceptible to keystroke injection attacks from a remote computer equipped with an off-the-shelf USB wireless dongle.
While the remote computer has to be within 100 yards or so and in direct sight of the target, Newlin claims that the hackers can increase the distance of their attack by simply adding an auxiliary antenna. He went on to say that the victim must be logged in at time and could witness the crime happening if he or she were looking at their computer.
Newlin himself took weeks to fully understand and reverse-engineer the protocols and carried out numerous MouseJacks himself—sometimes attacking targeted computers from behind walls to test the strength of the signal.
Once in, hackers can write scripts that shoot off malware that would make the computer susceptible to further attacks or allow them to access any of the user’s resources via their authorized login.
The vulnerable devices all use Nordic Semiconductor chips—some of which support encryption. According to Newlin, the ones that do can be patched to implement the encryption, but the ones that do not have to be removed from the hostcomputer. He added that both the keyboard and mouse must not be in use at the time and that the computer must be turned on and unattended.
Many of the companies affected have issued statements about the matter. Microsoft said:
“Microsoft has a customer commitment to investigate reported security issues, and will proactively update impacted devices as soon as possible.”
Logitech’s senior director of engineering responded by saying that the vulnerability was “a difficult and unlikely path of attack. To our knowledge, we have never been contacted by any consumer with such an issue.” That being said, they were one of the first to issue a patch.
According to Dell spokesperson, Dell Technical Support is also on the case—workingwith their customers who have purchased their KM632 and KM714 mouse/keyboard packages. As of right now, there’s a patch for KM714.
Some of the other company’s have yet to release a statement or a patch. If you own one of their products, check with their site to see if anything is in the works.
Make sure there’s not fishy activity on your device by trying a free cell phone spy app.