Social media and Tech Updates

Translate

Now Hacker Can Hijack Computers Through Your Wireless Mouse or keyboard with "Mousejack"

With the help of $15 USB dongle, and some lines of code, hackers can hack computer from 100 meters away. And MouseJack attack does not require specialized or expensive equipment.
Researcher at Bastille threat Research Team, Marc Newlin, said
MouseJack is a collection of security vulnerabilities affecting non-Bluetooth wireless mice and keyboards. Spanning seven vendors, these vulnerabilities enable an attacker to type arbitrary commands into a victim’s computer from up to 100 meters away using a $15 USB dongle

Bastille threat Research Team noted that, Notable wireless keyboard and mouse manufacturers affected by the Mousejack discovery include: Logitech, Dell and Lenovo, but most non-Bluetooth wireless dongles are vulnerable.

Mousejack

Bastille threat Research Team noted that: "Wireless mice and keyboards commonly communicate using proprietary protocols operating in the 2.4GHz ISM band. In contrast to Bluetooth, there is no industry standard to follow, leaving each vendor to implement their own security scheme".  Means, Security flaw in the way vendors configure non-Bluetooth wireless mice and keyboards.

Most of the keyboards encrypt data before transmitting it wirelessly to the dongle, but not all of the dongles require that encryption is used. Most vendors have encrypted these communications but those that don’t are vulnerable to attackers using a USB dongle an attacker can pair a fake keyboard with the dongle, and use it to type arbitrary commands on the victim’s computer.

You can check from this list, if your device is in affected list, you should install the update before continuing to use the affected mouse or keyboard. Or, you should get a wired mouse and keyboard.
Image Source bastille.

No comments:

Post a Comment