sb-au logo
Story image

Careful with your fingers: Hackers can steal everything you type

05 Aug 2016

In these modern digital times, people are gradually learning to not trust anything. Take Mark Zuckerberg for example, who caused a fuss recently when it was revealed he has a strip of tape over the webcam on his computer.

Well now you can add the seemingly trust-worthy keyboard and mouse to that list. Earlier this year, security firm Bastille found that millions of cheap keyboard and mouse dongles let hackers inject keystrokes onto your machine from hundreds of yards away. Now, the same researchers have extended the extent of the attack to millions more devices. What’s more, they not only inject keystrokes, but they can also read yours too.

Bastille’s research team recently revealed a new set of wireless keyboard attacks that they’re calling Keysniffer. The technique essentially allows any hacker with a $12 radio device to intercept the connection between wireless keyboards and a computer from over 75 metres away.

"When we purchase a wireless keyboard we reasonably expect that the manufacturer has designed and built security into the core of the product," says Marc Newlin, the Bastille researcher who discovered the vulnerability. "Unfortunately, we tested keyboards from 12 manufacturers and were disappointed to find that eight manufacturers (two-thirds) were susceptible to the KeySniffer hack."

According to Bastille, the main reason behind the problem is that most connections between computers and the identified keyboards don’t use encryption (unlike more expensive models). This leaves them vulnerable to a hacker with special equipment that certainly won’t break the bank.

However, Bastille affirms the issue doesn’t affect Bluetooth keyboards because they are subject to industry standards that require stronger security measures.

Moral of the story? While it remains unclear if any of the keyboard makers intend to offer refunds or replacements to customers with vulnerable models, Bastille recommends replacing the dongled wireless keyboards with Bluetooth or wired versions.

Story image
New wormable Android malware discovered through auto-replies in WhatsApp
Check Point Research has discovered new malware on Google’s Play Store that could spread through WhatsApp messages. More
Story image
5G network security a US$9 billion dollar opportunity - report
The cloud-native nature of 5G networks will have a disruptive and positive impact on the cybersecurity industry in the next few years, with 5G network security presenting a US$9 billion enterprise market opportunity by 2025.More
Story image
Users becoming more savvy with COVID phishing scams
“With COVID-19 being around for over a year now and employees becoming more aware of the types of scams that have come out related to the pandemic, cyber criminals are having less success with related phishing attacks."More
Story image
Cybercriminals influencing financial markets, report finds
The financial sector is being targeted by cybercrime cartels and nation-states, and the bank heist has evolved significantly — from a heist to a hostage situation.More
Story image
Why a more secure organisation is a collective responsibility
With vast volumes of data moving to the cloud, many IT professionals are frequently challenged to protect their enterprise environment, and there is a greater focus being placed on advancing cybersecurity strategies.More
Story image
Video: 10 Minute IT Jams - Radware VP on the challenges of cloud security
In this interview, Techday speaks to Radware vice president of technologies Yaniv Hoffman, who discusses the primary challenges facing IT organisations in terms of their cloud security apparatus.More