Security Alert: Your Wireless Mouse or Keyboard Can Be Hacked

Your Wireless Mouse or Keyboard Can Be Hacked

If you use a wireless mouse or keyboard, you could be leaving yourself open to attacks from hackers. Researchers at Bastille had discovered in January 2016 that attackers could make use of a cheap $15 antenna to sneak into your computer through a wireless mouse or keyboard dongle (receiver).

As an example, an attacker could use an inexpensive antenna to masquerade as a wireless mouse to enter your computer. From there, the intruder can switch the signal to emulate a wireless keyboard and gain control of your machine. The trick was found to have worked from up to 200 meters (and sometimes even 225 meters) away, so even if an attacker can't see your screen, he or she could use keyboard commands to do anything from opening websites to downloading malware onto your computer — or even wiping your hard drive altogether.

So far, Bastille has found multiple "MouseJack" vulnerabilities in non-Bluetooth wireless mouse and keyboard radio receivers made by AmazonBasics, Dell, Gigabyte, HP, Lenovo, Logitech, and Microsoft.

Fortunately, there are some ways that you can take action. Firstly, if you're not using your wireless device, switch it off. The antenna relies on the dongle being active, and the dongle won't be hunting for signals if your device is switched off. (You could also just unplug it.) Of course, this doesn't help much if you're using your mouse or keyboard. And unless you're using a Logitech or Microsoft product, there's not really anything you can do at the moment.

AmazonBasics Mice

AmazonBasics' wireless mice affected won't receive any updates and it's not known whether Amazon fixed the issue in newer models. Bastille notes that it's Wireless Mouse MG-0975, USB dongle RG-0976, that is affected.

Dell Mice & Keyboards

Dell issued a statement that it was looking into the issue, but has not since mentioned any updates for mice and keyboards already sold. Bastille notes that the Dell KM714 Wireless Keyboard and Mouse Combo; KM714 USB dongle; and KM632 Wireless Mouse USB dongle are affected.

Gigabyte Keyboards

Gigabyte never disclosed updates or even acknowledged an issue with its keyboards. Bastille notes the K7600 wireless keyboard USB dongle is affected.

HP Keyboards

Hewlett-Packard also never disclosed updates or even acknowledged an issue with its keyboards. Bastille notes the Wireless Elite v2 keyboard Elite USB dongle is affected.

Lenovo Mice & Keyboards

Lenovo is offering replacement devices for affected 500-series keyboards and mice models. Bastille notes the 500 Wireless Mouse (MS-436) 500 USB Dongle is affected.

Logitech Mice & Keyboards

If you have a Logitech G900 gaming mouse, you can update its firmware on a Windows PC with G900Update_1.5.23.exe. Bastille notes the K360, K400r, K750, and K830 Unifying dongle are affected, as well as Unifying Dongles C-U0007 and C-U0008, the Logitech G900, and Logitech G900 dongle C-U0008.

Updating a Logitech Unifying Receiver

Logitech has issued a fix for its Unifying receiver, so let's take a look at how you can update the firmware and stop worrying about this issue. This patch will only work on Logitech wireless keyboards and mice that bear the Unifying logo on it. A patch is available for Windows and macOS, but nothing has been stated for Linux.

If you're a Mac user, just download the ZIP file, unzip it, then open up the SecureDFU application and follow the on-screen instructions. The instructions are similar for Windows PC, just download and run the SecureDFU.exe file.

Microsoft Mice & Keyboards

Microsoft offered a firmware update that may or may not work, and mice that are part of a combo set are still vulnerable, Bastille claims. Affected products include Sculpt Ergonomic mouse, Wireless Mobile Mouse 4000, Microsoft Wireless Mouse 5000, 2.4GHz Transceiver v7.0, USB dongle model 1496, and USB dongle model 1461,

Other Patches & Affected Devices

Keep your eyes peeled to see if the manufacturer of your wireless mouse or keyboard announces a fix. We'll do the same and let you know as soon as we find out. And just because you have a wireless mouse made by someone not on this list does not guarantee your safety — Bastille might not have tested it out yet.

If you're an aspiring hacker here on Null Byte, now's the time to break out that extra mouse you have and learn a thing or two. More information is available at MouseJack.com, and you can view details on the keystroke injections and forced pairing techniques in its white paper.

Cover image by Eric Ramsley/Null byte

Get The Null Byte Newsletter

Never miss a new hacking or security guide

5 Comments

Damn I have Logitech MX Master but I run Linux.

This is really exciting! Imagine the new attack vectors you could use! I hope that maybe OTW could exploit this vulnerability and post a tutorial......

How about you try to exploit it yourself

^ Exactly this.
This vulnerability was already discovered in 2011.

Share Your Thoughts

  • Hot
  • Latest