Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Several wireless keyboards and mice vulnerable to attacks

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

February 24, 2016

Unauthorized wireless computer mice and keyboards can be used to compromise laptops, notebooks and PCs from up to 100 metres away using the portable peripherals from at least seven big vendors including Logitech, Microsoft, Amazon and a few others, says software engineer Marc Newlin.

The attacks target the typically cleartext and insecure communications between a non-Bluetooth port and a mouse, as opposed to the wireless link to a keyboard which is often encrypted most of the time.

Newlin, of security firm Bastille found that the attack works against thirteen mice and keyboards and reported the security vulnerabilities to respective vendors, some of which have already posted patches.

Users of unpatched devices are now exposed to some risk of attack should attackers deploy the exploit code and then uploads it to GitHub or other portals.

Those who cannot update their wireless devices have only the option of throwing out the hardware, although it should be noted that criminals would need to be sufficiently motivated to travel to the physical location of a victim in order to target them.

Newlin says the mousejack attack represents a class of encryption-free security vulnerabilities that can be exploited with less than $15 of hardware.

The bad news is that-- "There is no authentication mechanism, and the dongle is unable to distinguish between packets transmitted by a mouse, and those transmitted by an attacker," Newlin says.

"As a result, a potential attacker is able to pretend to be a mouse and transmit their own movement or click packets to a dongle," he added.

"Issues in the manner that the dongles process received packets make it possible for an attacker to transmit specially crafted packets which generate keypresses instead of mouse movement clicks," he said.

Nordic Semiconductor is responsible for the nRF-24L transceiver series that is used by the bedevilled devices. Newlin recognised this and built a spoofed mouse using an existing homebrew project that housed the nRF-24L transceiver within an old-school Nintendo game controller.

Here's how it works-- The nRF-24L chips do not officially support packet sniffing, but Travis Goodspeed documented a pseudo-promiscuous mode in 2011 which makes it possible to sniff a subset of packets being transmitted by other devices.

This enables the NES controller to passively identify wireless mice and keyboards without the need for an SDR. The NES controller proved to be an excellent platform for learning about the behavior of mouse communication protocols.

As opposed to passively collecting data, the NES controller translates d-pad arrows into mouse movement packets, and A/B buttons into left and right clicks.

In order to achieve a smooth user experience, it was necessary to create a model of the packet timing and specific behavior expected by the dongle.

A second tool was built with a few lines of Python code for packet sniffing and injection woven into an amplified USB 'Crazy Radio' dongle which included fuzzing capabilities.

Newlin added that the security vulnerabilities include keystroke injection, mouse and keyboard spoofing and forced pairing.

Source: Bastille Internet Security.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer