The existence of vulnerability "KeySniffer" which can be intercepted the contents of keystrokes on wireless keyboard turned out



We found that there are vulnerabilities that could potentially be "eavesdropped (intercepted)" on the entered keystrokes on the eight wireless keyboards currently in use. Security company Bastille exploited this vulnerability as "KeySnifferI call it.

KeySniffer
http://www.keysniffer.net/

KeySniffer Lets Hackers Steal Keystrokes from Wireless Keyboards
http://thehackernews.com/2016/07/wireless-keylogger.html

A very easy-to-understand movie is made about what KeySniffer is like.

Bastille KeySniffer - YouTube


Marc Newlin, security researcher at Bastille who discovered KeySniffer.


KeySniffer is a very dangerous vulnerability that "an attacker can intercept all keystrokes".



Only the wireless antenna for laptop PC and USB connection is necessary for interception.


What is used here is an item that can be purchased from Amazon $ 30 (about 3000 yen) to 40 dollars (about 4000 yen), it is not special.


It is the director Balint Seeber who is in the back room. I am signaling OK.


The prepared keyboard is a wireless keyboard with vulnerability confirmed.


Scan interior with USB antenna ......


When I found the target keyboard ......


The key strokes go to the bottom.


The screen on the left is the screen the victim sees, the right side is the screen visible to the attacker's hand.


When shopping online etc., personal information and financial related information will be leaked.


The measure is confirmed with the wireless keyboard of the wireless system which this vulnerability is not Bluetooth, so please use the wireless keyboard with Bluetooth connection. Alternatively, use a wired keyboard.


According to information published by Bastille,Keyboard with vulnerability confirmed"Anker Ultra Slim 2.4 GHz Wireless Compact Keyboard" by Anker, EagleTec "EagleTec K104 / KS04 2.4 GHz Wireless Combo keyboard", General Electric "GE 98614 wireless keyboard", Hewlett-Packard's "HP Wireless Classic Desktop wireless keyboard" , Insignia's "Wireless Keyboard NS-PNC 5011
, Kensington's "Kensington ProFit Wireless Keyboard", Radio Shack's "RadioShack Slim 2.4 GHz Wireless Keyboard", Toshiba's "Toshiba PA 3871 U - 1 ETB wireless keyboard".

Please note that this is the range confirmed by Bastille, and there is a possibility that a vulnerable wireless keyboard may exist in addition to this, so beware if you are using a wireless keyboard that is not a Bluetooth connection.

in Hardware,   Video,   Security, Posted by logc_nt