Hijacking Your Wireless Keyboard and Mouse
Updated: Jan 29
MouseJack is a class of vulnerabilities that affects the vast majority of wireless, non-Bluetooth keyboards and mice. These peripherals are 'connected' to a host computer using a radio transceiver, commonly a small USB dongle. Since the connection is wireless, and mouse movements and keystrokes are sent over the air, it is possible to compromise a victim's computer by transmitting specially-crafted radio signals using a device which costs as little as $15.
An attacker can launch the attack from up to 100 meters away. The attacker is able to take control of the target computer, without physically being in front of it, and type arbitrary text or send scripted commands. It is therefore possible to perform rapidly malicious activities without being detected.
Why would anyone care about attacking me on my laptop? There are two plausible scenarios:
PERSONAL ATTACK: Identity theft is an increasing problem that can result in a negative credit rating and expensive legal battle to reclaim what is rightfully yours. Criminals are becoming increasingly sophisticated in how they piece together the necessary information to pretend to be you.
COMPANY ATTACK: Once your laptop is 'MouseJacked', malicious software can be installed that will remain dormant until you connect to your corporate network. The software will attempt to replicate across the rest of the computers connected to that network, exfiltrating sensitive documents and user credentials - this is modern corporate espionage.
Update device firmware or replace equipment
According to the researcher, Logitech has released an updated firmware for their devices to address this issue. Please contact Logitech customer support for more information.
Users of other models should consider individual use cases and threat models when using the devices until an update is available.
Is your Wireless Mouse and Keyboard vulnerable? You might be surprised by the number of vendors affected by this exploit... Logitech, Dell, Amazon Basics, Lenovo, Microsoft, and HP branded devices all have models affected by this vulnerability. Check out Bastille website for a list of affected devices to see if your device is vulnerable.
Here's a Story and Example Taken From CNET Below (Original Source)
They broke in like it was nothing. They could have wiped my hard drive, stolen my files, or practically anything nefarious you can do with a computer.
All because I had a wireless mouse dongle plugged into my laptop. And all they needed was a simple antenna that costs as little as $15 at Amazon.
Thankfully, "they" were a pair of security researchers from a company called Bastille, and every company that builds wireless mice and keyboards has already been alerted to the issue. If you have a Logitech Unifying receiver, there's already a fix. (Here is a link to a patch provided to us by Logitech:RQR_012_005_00028.exe.)
But if not, you too might be vulnerable to this technique. They're calling it a "Mousejack"
What Bastille security researcher Marc Newlin discovered was this. If you can send out a wireless signal that pretends to be a wireless mouse, most wireless USB dongles will happily latch onto it -- no questions asked. Then, you can have that fake wireless mouse pretend to be a wireless keyboard -- and start controlling someone else's computer.