Raise awareness of environmental health issues in order to better protect our children and future generations.

EMF Studies

29 February 2016

Are You at Risk of Being Mousejacked?

Are YOU at risk of being MOUSEJACKED? Experts warn wireless flaw could let hackers take over billions of machines and type on PC's remotely
by Mark Prigg for dailymail.co 
24 February 2016

- Security researchers warn 'billions' of PCs could be at risk
- Flaw allows hackers to take over mouse with $15 of electronics
- Most non-bluetooth wireless mice not affected
- Owners advised to check their model - some firms such as Logitech have already issued downloadable fixes

Security experts have warned of a major flaw in the wat wireless mice and keyboards work.

They say 'billions of PC's and millions of networks' are vulnerable to being hijacked.

One user has even revealed the shocking moment his machine was taken over

Using an attack which security firm Bastille researchers, who found the flaw, have named 'MouseJack,' malicious actors are able to take over a computer through a flaw in wireless dongles.

Once paired, the MouseJack operator can insert keystrokes or malicious code with the full privileges of the PC owner and infiltrate networks to access sensitive data.

The attack is at the keyboard level, therefore PC's, Macs, and Linux machines using wireless dongles can all be victims.

Notable wireless keyboard and mouse manufacturers affected by the MouseJack discovery include: Logitech, Dell and Lenovo, but most non-Bluetooth wireless dongles are vulnerable.

'MouseJack poses a huge threat, to individuals and enterprises, as virtually any employee using one of these devices can be compromised by a hacker and used as a portal to gain access into an organization's network,' said Chris Rouland, founder, CTO, Bastille.

'As protocols are being developed so quickly, they have not been through sufficient security vetting.

'The top 10 wearables on the market have already been hacked and we expect millions more commercial and industrial devices are vulnerable to attack as well.

The MouseJack vulnerability affects a large percentage of wireless mice and keyboards, as these devices are ubiquitous and often found in sensitive environments.

While some vendors will be able to offer patches for the MouseJack flaw with a firmware update, many dongles were designed to not be updatable, the firm says.

'Wireless mice and keyboards are the most common accessories for PC's today, and we have found a way to take over billions of them,' said Marc Newlin, Bastille's engineer responsible for the MouseJack discovery.

'MouseJack is essentially a door to the host computer.

'Once infiltrated, which can be done with $15 worth of hardware and a few lines of code, a hacker has the ability to insert malware that could potentially lead to devastating breaches.

'What's particularly troublesome about this finding is that just about anyone can be a potential victim here, whether you're an individual or a global enterprise.'


Consumers will need to check with their vendor to determine if a fix is available or consider replacing their existing mouse with a secure one, MouseJack said.

Comprehensive information on the vulnerability and a list of vendors known to be affected by MouseJack is available at www.mousejack.com.


No comments:

Post a Comment