- Feb 4, 2016
- 549
Bastille security researchers found a vulnerability in wireless mice that makes it possible to install rootkits on PCs. The company specializes in security for Internet of Things (IoT or Internet of Things).
If exploited, the vulnerability christened MouseJack can allow a hacker to 100 meters away from the target install a rootkit in 10 seconds.
Wireless mice from several vendors, including Microsoft, Dell, Lenovo, HP, Gigabyte and Logitech are vulnerable.
A list of models tested by the company and affected by the vulnerability can be seen below:
AmazonBasics
Wireless Mouse MG-0975 - USB dongle RG-0976 (USB ID 04f2:0976)
Dell
Dell KM714 Wireless Keyboard and Mouse Combo - KM714 USB dongle (USB ID 046d:c52b)
KM632 Wireless Mouse - USB dongle (USB ID 413c:2501)
Gigabyte
K7600 wireless keyboard - USB dongle (USB ID 04b4:0060)
HP
Wireless Elite v2 keyboard - Elite USB dongle (USB ID 03f0:d407)
Lenovo
500 Wireless Mouse (MS-436) - 500 USB Dongle (USB ID 17ef:6071)
Logitech
K360, K400r, K750. K830. Unifying dongle (USB ID 046d:c52b)
Firmware versions tested:
012.001.00019
012.003.00025
Microsoft
Sculpt Ergonomic mouse - 2.4GHz Transceiver v7.0 (USB ID 045e:0745)
Wireless Mobile Mouse 4000 - USB dongle model 1496 (USB ID 045e:07b2)
Microsoft Wireless Mouse 5000 - USB dongle model 1461 (USB ID 045e:07a5)
The full list can be seen :
MouseJack Affected Devices | Bastille Networks Internet Security
Although communication of wireless keyboards with USB receivers is usually encrypted, communication of mice is not.
Because of that a hacker to 100 meters away can intercept the signals sent between the mouse and the PC and replace this sign on the other with specially crafted packets that can act as if the user was typing commands with the keyboard instead of clicking on mouse buttons.
So it can install a rootkit within 10 seconds without having physical access to the user's PC. The whole process can be done with the use of 15 lines of code in Python, and a USB device $ 15.
The attack works on Windows, OS X and Linux.
Logitech has already released a firmare update for some of its affected mice.
I do not know if this has been posted, the whole way the more information better
If exploited, the vulnerability christened MouseJack can allow a hacker to 100 meters away from the target install a rootkit in 10 seconds.
Wireless mice from several vendors, including Microsoft, Dell, Lenovo, HP, Gigabyte and Logitech are vulnerable.
A list of models tested by the company and affected by the vulnerability can be seen below:
AmazonBasics
Wireless Mouse MG-0975 - USB dongle RG-0976 (USB ID 04f2:0976)
Dell
Dell KM714 Wireless Keyboard and Mouse Combo - KM714 USB dongle (USB ID 046d:c52b)
KM632 Wireless Mouse - USB dongle (USB ID 413c:2501)
Gigabyte
K7600 wireless keyboard - USB dongle (USB ID 04b4:0060)
HP
Wireless Elite v2 keyboard - Elite USB dongle (USB ID 03f0:d407)
Lenovo
500 Wireless Mouse (MS-436) - 500 USB Dongle (USB ID 17ef:6071)
Logitech
K360, K400r, K750. K830. Unifying dongle (USB ID 046d:c52b)
Firmware versions tested:
012.001.00019
012.003.00025
Microsoft
Sculpt Ergonomic mouse - 2.4GHz Transceiver v7.0 (USB ID 045e:0745)
Wireless Mobile Mouse 4000 - USB dongle model 1496 (USB ID 045e:07b2)
Microsoft Wireless Mouse 5000 - USB dongle model 1461 (USB ID 045e:07a5)
The full list can be seen :
MouseJack Affected Devices | Bastille Networks Internet Security
Although communication of wireless keyboards with USB receivers is usually encrypted, communication of mice is not.
Because of that a hacker to 100 meters away can intercept the signals sent between the mouse and the PC and replace this sign on the other with specially crafted packets that can act as if the user was typing commands with the keyboard instead of clicking on mouse buttons.
So it can install a rootkit within 10 seconds without having physical access to the user's PC. The whole process can be done with the use of 15 lines of code in Python, and a USB device $ 15.
The attack works on Windows, OS X and Linux.
Logitech has already released a firmare update for some of its affected mice.
I do not know if this has been posted, the whole way the more information better
