Strange New Attack Lets an Intruder Gain Access Through a Mouse Dongle

Feb 24, 2016

New intrusion technique affects most non-Bluetooth wireless mice

Researchers at Bastille Networks have discovered a flaw in some keyboard and mouse dongles that could allow an attacker located within 100 meters of the computer to execute commands on the system through the dongle. The computer receives the commands as if they were typed by the user sitting at the system.

The “Mousejack” attack capitalizes on a gap in the security of non-Bluetooth mice and keyboards from seven different vendors that use Logitech’s Unifying wireless USB technology. According to Bastille, “Once paired, the Mousejack operator can insert keystrokes or malicious code with the full privileges of the PC owner and infiltrate networks to access sensitive data. The attack is at the keyboard level, therefore PCs, Macs, and Linux machines using wireless dongles can all be victims.”

The Bastille Networks website has a dramatic video showing how the attack works. See the article at the Threatpost site for additional information.
 

Related content

  • Detecting Intruders Intro

    If you think your systems are too obscure for an attacker to worry about, think again. Today’s intruders are happy for any victim.

  • Ask Klaus!

    Changing default applications, switching BIOS settings for newer distros, running an old Windows application in VirtualBox with a security dongle, and Live distro security with an overlay file.

  • Intrusion 101

    You need to think like an attacker to keep your network safe. We asked security columnist Kurt Seifried for an inside look at the art of intrusion.

  • Command Line – Bastille Linux

    Security applications like antivirus protectors respond to events, rather than preventing them from happening, but the best security in Linux is architectural – that is, in its configuration.

  • Rootkits and Linux Security

    Your Linux system may not be so airtight after all. To understand the threats, you need to think like an intruder. We'll show you what the intruders are thinking now about the Linux 2.6 kernel.

comments powered by Disqus

Issue 211/2018

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)

News