Wireless Mice, Keyboards Vulnerable

Friday, February 26, 2016 @ 04:02 PM gHale

There are vulnerabilities in USB dongles used for wireless mouse and keyboard peripherals.

An attacker could leverage these holes to take control of a victim’s computer.

This type of attack currently affects mice and keyboards sold by AmazonBasics, Dell, Gigabyte, HP, Lenovo, Logitech, and Microsoft, researchers said.

So far, Logitech has released a firmware update to protect its dongles against this type of attack. The other companies are aware of the problem and are working on a fix.

The attack, codenamed MouseJack, was discovered by IoT security firm Bastille, which found a flaw in how a wireless mouse/keyboard talks to its dongle.

Vendors foresaw issues with wireless input equipment and, by default, protected communications between the computer and the wireless device using encryption.

Bastille researchers found the USB dongle does not create unique pairings between the computer and its device. An attacker, therefore, could also use another similar device with the victim’s dongle.

In theory, this should have been impossible because encryption made sure a mouse/keyboard without the proper key could not connect to a dongle, researchers said.

Some devices did not enforce this policy and accepted unencrypted commands from other mice/keyboards, Bastille researchers said. Attackers could take control of the mouse’s movements or the keyboard’s input, manually or with automated attacks.

Researchers put together a Python script that could automate their attack in a matter of seconds.

That meant attackers could install malware on the victim’s computer from up to 100 meters (330 feet) away.

Click here for technical details regarding the attack, along with a list of affected devices.