Microsoft wireless keyboard keystrokes listening device off




A security researcher has created a device that looks like a charger, but in fact the keystrokes of a wireless keyboard from Microsoft can intercept and forward. The device is based on an Arduino board.

The device named KeySweeper works because it has the same chip on board as the Wireless Keyboard from Microsoft, which works on its own protocol at 2.4GHz. Furthermore, the encryption used by the security researcher weak, making it easy to discover the keystrokes in the sent code. The software namely uses the MAC address to encrypt the data.

The security researcher used a vulnerability in the protocol to make contact with the hardware. The charger is based on an Arduino and all hardware fits into the case of a regular phone charger. In addition, the charger can also continue to operate to provide power to other devices. If the charger is plugged in, the sniffer will remain active for a removable battery.

The KeySweeper can transmit the signals received via a mobile phone network and the attacker notify you via SMS when the victim visits certain URLs or fill passwords in certain spots. In this way, the attacker can also watch live.

It is unknown whether Microsoft can close the vulnerability in his keyboard. The software has not yet responded to the discovery of the security researcher. It is not the first time that this researcher Samy Kamkar, discusses a Microsoft product. Sooner had he been on the collection of location data in Windows Phone.

In: Technology & Gadgets Asked By: [18418 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »