Wireless keyboards and mouse dongles are easy to hack and inject keystrokes onto a user machine from several yards away, suggests a new report by researchers at Bastille Networks. The hackers at security firm Bastille had earlier revealed how cheap wireless keyboards and mouse dongles work on an unencrypted radio network thus making them susceptible to interruption.
Now the researchers have found several more of these wireless keyboards to be susceptible to an attack called Keysniffer. The Bastille Networks claims these wireless keyboards are not only easy to inject with keystrokes, but it is also easy to record the target’s typing. In a brief, the researchers at Bastille Network have found most wireless keyboards to lack encryption, which allows hackers to inject and sniff keystrokes from just 250 yards away. The really scary bit: hackers don’t even need any costly equipment execute such attacks.
The report released by Bastille Research Team’s Marc Newlin states Keysniffer is a set of security vulnerability that affects non-Bluetooth wireless keyboards from eight vendors. The keyboards vulnerable to Keysniffer are manufactured by Anker, EagleTec, General Electric, HP, Insignia, Kensington, Radio Shack and Toshiba. The Wired quotes Ivan O’Sullivan saying, “The keyboards’ vulnerability comes from the fact that they all transmit keystrokes entirely without encryption.”
The research report states all of these wireless keyboards operate in the 2.4GHz ISM band using GFSK modulation. In case of GFSK modulation, rather than directly modulating the frequency, the data pulses are sent through a Gaussian filter in order to make the transitions smoother. The GFSK modulation reduces interference with neighbouring channels, and is highly used by Bluetooth and Wireless USB devices. The manufacturers of these keyboards don’t encrypt the keystroke data before it is sent to the wireless USB dongle. The lack of security protocol allows for attackers to eavesdrop on target’s typing and even transmit their own malicious keystrokes.
With keystroke sniffing, attackers gains access to email addresses, usernames, passwords, credit card information and other sensitive information. While wireless keyboards for long have been susceptible to keystroke sniffing, the ones affected by Keysniffer can be attacked even when the user is not typing or not present anywhere near the keyboard.
Is there a way to mitigate this vulnerability? The security researchers at Bastille Networks say there is no way to protect these keyboards since they don’t support firmware updates. The only way to protect one from eavesdropping is by switching to wired or Bluetooth keyboards.