Cyber-security firm Bastille Research has discovered that wireless keyboards made by eight different companies are vulnerable to attacks from hackers. The vulnerability allows hackers to monitor keystrokes from up to 250 feet away with minimal effort.
Bastille has labeled these KeySniffer, or Keyjack (referring to hijack), attacks. The affected keyboards include models from manufacturers Hewlett-Packard (HP), Toshiba, Kensington, Insignia, Radio Shack, Anker, General Electric, and EagleTec.
Bluetooth keyboards and more sophisticated wireless keyboards from Logitech, Dell, and Lenovo are not susceptible to KeySniffer.
Hackers intercept the keyboards
Bastille explains that every keystroke a user types is broadcast from the wireless keyboard to the computer. In a KeySniffer attack, hackers can secretly intercept and receive those keystrokes as well, in 100% clear text.
The criminals then search for card numbers, expiration dates, CVV codes, bank account usernames and passwords, answers to security questions, network access passwords and other secrets involving business or personal documents and emails.
The victims will only notice the crime by the time they check their empty bank accounts, which would without a doubt be the worst-case scenario for a regular person. Politicians, for example, could be more concerned about private emails.
As the wireless keyboards in question are always broadcasting, even when users aren’t typing at all, hackers can easily detect them by scanning a room, building, or public area for vulnerable devices nearby. It is also a relatively cheap affair for hackers, who can pull it off with a 2.4GHz radio transmitter ($30 to $40) and a directional antenna ($50), for less than $100 online.
In a statement from Bastille Research Team member Marc Newlin, who was responsible for the KeySniffer discovery, the cyber-security firm said that, when testing keyboards, they had expected manufacturers to have designed and built security into them to avoid these types of incidents.
They were surprised to find that out of twelve keyboards tested, only four weren’t susceptible to Keyjack, with the remaining eight all being potential victims.
Keyboard attacks are no novelty
Launched in 2014, Bastille has become a pioneer in Internet of Things (IoT) security with state-of-the-art technology to help protect cyber and human property from threats posed by wireless IoT devices.
So Bastille knows firsthand that this isn’t the first time, but it is certainly trying to make it the last. In fact, KeySniffer is closely related to another vulnerability, also discovered just months ago by Bastille, that goes by the name of MouseJack and affects wireless mice.
Back in 2009, the KeyKeriki team launched a project that intended to enable “every person to verify the security level of their keyboard transmissions, and demonstrate the sniffing attacks (for educational purpose only).”
They went on to expose weaknesses in the encryption of certain Microsoft wireless keyboards.
Apparently, Microsoft didn’t pay much attention and, in 2015, Samy Kamkar’s KeySweeper exploited the vulnerabilities found in that encryption. However, Microsoft’s keyboards at least have encryption, unlike the ones produced and sold by other manufacturers, such as those Bastille exposed as vulnerable to KeySniffer attacks.
Source: Business Wire