Keyboards and mice communicate with their dongles by sending RF packets. The security hole poses a serious risk because the attacker does not need physical access to the targeted machine before carrying out malicious operations. Since the vulnerability affects the USB dongles shipped with wireless keyboards and mice, it can be exploited to attack any PC, Mac or Linux computer. A malicious actor can use this method to download malware, steal files, and perform other activities they could normally do if they had access to the computer’s keyboard. The security firm says non-Bluetooth wireless devices from other vendors could be affected as well.Īn attacker who is within 100 meters (328 feet) of the targeted device can exploit the flaw, which Bastille has dubbed “ Mousejack,” to remotely type arbitrary commands into a victim’s computer using just a $15 USB dongle connected to the hacker's laptop. Now, researchers from Bastille reported uncovering a vulnerability that affects wireless mice and keyboards from several top vendors, including Dell, Logitech, Microsoft, HP, Amazon, Gigabyte, and Lenovo. It has also been demonstrated that Bluetooth keyboard attacks in which an attacker transmits data to the device via the USB dongle are possible. Over the past years, researchers demonstrated that the lack of strong security mechanisms used by these peripheral devices can be leveraged to log keystrokes and even send arbitrary data to a computer.Įxperts have shown that data can be easily captured by a nearby attacker from many wireless keyboards that use Bluetooth and RF. Wireless mice and keyboards communicate with computers over Bluetooth, radio frequency (RF) and infrared via a USB dongle plugged into the device. Researchers at IoT security company Bastille claim to have found a way to hack computers via a vulnerability present in many wireless mouse and keyboard dongles.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |