YOU SHOULD BE able to trust your wireless keyboard. And yet security researchers have been warning people to be suspicious of wireless computer accessories using sketchy radio protocols for years. Those warnings peaked five months ago, when hackers at the security firm Bastille found that millions of cheap keyboard and mouse dongles let hackers inject keystrokes onto your machine from hundreds of yards away. Now, in case you missed that message, the same researchers have extended their attack to millions more devices—and this time, they can not only inject keystrokes, but also read yours, too.
On Tuesday Bastille’s research team revealed a new set of wireless keyboard attacks they’re calling Keysniffer. The technique, which they’re planning to detail at the Defcon hacker conference in two weeks, allows any hacker with a $12 radio device to intercept the connection between any of eight wireless keyboards and a computer from 250 feet away> What’s more, it gives the hacker the ability to both type keystrokes on the victim machine and silently record the target’s typing.
Keysniffer apparently affects accessories that use a less secure, radio-based communication protocol rather than a Bluetooth connection. Some of the manufacturers found to offer keyboards vulnerable to the attack include HP, Anker, General Electric, Insignia, Toshiba, and more.
The keyboards’ vulnerability, according to Bastille’s chief research officer Ivan O’Sullivan, comes from the fact that they all transmit keystrokes entirely without encryption. The manufacturers’ only plan against attackers spoofing or eavesdropping on their devices’ communications is to depend on the obscurity of the radio protocols used. “We were stunned,” says O’Sullivan. “We had no expectation that in 2016 these companies would be selling keyboards with no encryption.”
KeySniffer is a set of security vulnerabilities affecting non-Bluetooth wireless keyboards from eight vendors. The wireless keyboards susceptible to KeySniffer use unencrypted radio communication protocols, enabling an attacker to eavesdrop on all the keystrokes typed by the victim from several hundred feet away using less than $100 of equipment. This means an attacker can see personal and private data such as credit card numbers, usernames, passwords, security question answers and other sensitive or private information all in clear text.
It sounds like something out of a Mission: Impossible movie. Someone could potentially record your private keystrokes from hundreds of feet away and you wouldn’t even know it. This could all be avoided if you had a wired keyboard—or a wireless one that didn’t use cheap parts.
But Bastille says that there’s no easy fix for the vulnerabilities it’s found, since the wireless devices don’t have a mechanism to push out a patch. Instead, the company is advising that anyone who owns one of the hackable devices switch to a wired keyboard, or at least one that uses actual Bluetooth.
For the security savvy, that’s not a new piece of advice.