Other issues in this category (13)
Watch your mouse
Thursday, June 23, 2016
This issue's material has been provided by Anti-virus Times project participant Alexander Sh. from Belarus
When it comes to information security, small threats don’t exist. Just like vulnerabilities, threats either exist or they don’t. Often, however, they just aren't yet known about.
Marc Newlin, a security researcher at Bastille which specialises in IoT security, discovered a vulnerability that can undermine the security of millions of PCs worldwide. Who would ever suspect that a flaw existing within wireless computer mice and keyboards could pose such serious danger? This vulnerability has been dubbed MouseJack.
It turns out that many well-known manufacturers (AmazonBasics, Dell, Gigabyte, HP, Lenovo, Logitech, and Microsoft) have been producing wireless mice and keyboards (which connect to computers via a USB dongle) that do not encrypt their transmissions and use insecure protocols. As a result, in the absence of authentication, cybercriminals can mount a successful attack, gain control over a system, enter arbitrary commands, and even install malware.
This threat once again proves that IoT devices are currently using protocols that provide inadequate security.
The latest reports indicate that the distance from which intruders can carry out attacks has increased from 100 meters to 225 meters, which enables them to remain undetected. The operating system involved is not relevant because attacks aren’t targeting the OS, but rather devices containing wireless communication vulnerabilities.
Given the popularity of these devices, the number of attacks on them can be significant and their effect—unpredictable.
Manufacturers have taken the vulnerability seriously and are taking measures to close it.
- Microsoft has reported that it has investigated the matter and intends to release a patch to close the vulnerability.
- Logitech has already provided new firmware that has closed MouseJack vulnerabilities.
- Dell is recommending that owners of KM714 wireless sets install the new Logitech firmware and is advising users of KM632 sets to replace their devices.
- Lenovo has also agreed to replace vulnerable devices free of charge. To do this, users should contact their official tech support.
Unfortunately, some USB dongles do not support firmware upgrades. Therefore, for such devices, the vulnerabilities can't be closed.
The Anti-virus Times recommends
- The list of manufacturers whose devices are affected by MouseJack vulnerabilities can be found on the specially created site www.mousejack.com.
- Check the manufacturer's official site for new firmware, patches, and updates for your hardware, and install them.
- Contact the manufacturer's support service or its representative to find a solution.
- Consider the possible replacement of the vulnerable or unsafe device.