U.S. startup warns of potential security risks in using non-Bluetooth wireless mice, keyboards

Bastille, a startup firm in San Francisco, California, has uncovered vulnerabilities of wireless mice and keyboards that could enable an attacker to type arbitrary commands into a victim's computer.

The cyber security firm said Wednesday that while Bluetooth devices are not vulnerable for the same kind of attack, wireless mice and keyboards using radio communication protocols operating in the 2.4GHz ISM band are subject to hacking from up to 100 meters away.

Such mice and keyboards work by transmitting radio frequency packets to a USB dongle plugged into a user's computer. When a user presses a key on their keyboard or moves their mouse, information describing the actions are sent wirelessly to the USB dongle. The dongle listens for radio frequency packets and notifies the computer whenever the user moves their mouse or types on their keyboard.

To prevent eavesdropping, some vendors encrypt the data being transmitted by wireless keyboards. The dongle knows the encryption key being used by the keyboard, so it is able to decrypt the data and see what key was pressed. Without knowing the encryption key, an attacker is unable to decrypt the data, so they are unable to see what is being typed.

Bastille, however, tested wireless mice from seven vendors, including Amazon, Dell, Gigabyte, HP, Lenovo, Logitech and Microsoft, and found the devices use unencrypted signals, and their vulnerabilities vary from vendor to vendor.

The startup warned that problems in the way the dongles process received packets make it possible for an attacker to transmit specially crafted packets which generate keypresses instead of mouse movement/clicks.

It suggested that users should disconnect all affected USB dongles, and use wired keyboards and mice instead.

While some devices, such as Logitech and Lenovo 500, could be fixed with firmware update, mice from other vendors may not have a fix. Endit