Vulnerability in wireless mice allows attacker to install rootkit within 10 seconds for less than $15

Researchers have found a vulnerability in wireless mice and keyboards that makes it possible to install a rootkit on a computer from up to 100 meters away, within 10 seconds, using equipment that can be bought for less than $15. Mice and keyboards from large manufacturers such as Microsoft, Dell, Lenovo, HP, Gigabyte and Logitech can be hacked this way.

https://vimeo.com/155601140

This is possible because the wireless dongles used by mice and keyboards communicate over radio frequencies. While the communication between keyboards and dongles is normally encrypted, communication with the mouse is usually not. An attacker who is within 100 metres of a USB dongle is able to intercept the signals between the mouse and the computer. Besides intercepting the signal, the attacker can also replace it with specially crafted packets that act as keystrokes instead of mouse clicks.

This way it’s possible to install a rootkit in 10 seconds without being physically in front of the computer. It can be done using only 15 lines of Python code and a $15 USB dongle. The attack works on Linux, Mac and Windows computers and is called MouseJack by Bastille, the company that discovered the vulnerability.
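The flaw described above comes down to a dongle that forwards keystroke frames even when they arrive outside the protected keyboard link. The following conceptual model is an added example, not code from Bastille or any vendor: the frame types, the pairing key and the HMAC tag (standing in for the keyboard link's encryption) are all assumptions made for illustration, and the traffic is constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass

PAIRING_KEY = b"constructed-demo-key"  # hypothetical key shared by keyboard and dongle


@dataclass
class Frame:
    kind: str         # "mouse" or "key" (hypothetical frame types)
    payload: bytes
    tag: bytes = b""  # empty means sent in the clear, as mouse traffic usually is


def seal(payload: bytes) -> bytes:
    """HMAC tag standing in for the protection on the keyboard link."""
    return hmac.new(PAIRING_KEY, payload, hashlib.sha256).digest()


def vulnerable_dongle(frames):
    """Forwards every frame to the host, whether or not it was protected."""
    return [(f.kind, f.payload) for f in frames]


def hardened_dongle(frames):
    """Keystroke frames must carry a valid tag; mouse frames pass as before."""
    delivered, rejected = [], []
    for f in frames:
        if f.kind == "key" and not hmac.compare_digest(f.tag, seal(f.payload)):
            rejected.append(f)  # drop and keep for logging
        else:
            delivered.append((f.kind, f.payload))
    return delivered, rejected


# Constructed traffic: normal mouse movement, a protected keystroke from the
# paired keyboard, and a keystroke frame that arrives in the clear.
TRAFFIC = [
    Frame("mouse", b"dx=4,dy=-2"),
    Frame("key", b"a", seal(b"a")),
    Frame("key", b"x"),
]

if __name__ == "__main__":
    print("vulnerable delivers:", vulnerable_dongle(TRAFFIC))
    ok, dropped = hardened_dongle(TRAFFIC)
    print("hardened delivers:  ", ok)
    print("hardened rejects:   ", [(f.kind, f.payload) for f in dropped])
```

The vulnerable model hands the unprotected keystroke to the host as typed input, while the hardened model drops it and still passes ordinary mouse traffic.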


Although computers can be hacked within a range of 100 metres, an attacker still needs to be able to look at the screen of the attacked device. Therefore the risk of becoming a victim of the attack is relatively small, according to security experts.

Logitech has released a firmware update for affected mice; however, most mice can’t be updated with new firmware. Because mice usually last for many years, there will be many vulnerable mice in the coming years.
