You should be able to trust your wireless keyboard. And yet security researchers have been warning people to be suspicious of wireless computer accessories using sketchy radio protocols for years. Those warnings peaked five months ago, when hackers at the security firm Bastille found that millions of cheap keyboard and mouse dongles let hackers inject keystrokes onto your machine from hundreds of yards away. Now, in case you missed that message, the same researchers have extended their attack to millions more devices—and this time, they can not only inject keystrokes, but also read yours, too.
On Tuesday Bastille’s research team revealed a new set of wireless keyboard attacks they’re calling Keysniffer. The technique, which they’re planning to detail at the Defcon hacker conference in two weeks, allows any hacker with a $12 radio device to intercept the connection between any of eight wireless keyboards and a computer from 250 feet away> What’s more, it gives the hacker the ability to both type keystrokes on the victim machine and silently record the target’s typing.
The keyboards’ vulnerability, according to Bastille’s chief research officer Ivan O’Sullivan, comes from the fact that they all transmit keystrokes entirely without encryption. The manufacturers’ only plan against attackers spoofing or eavesdropping on their devices’ communications is to depend on the obscurity of the radio protocols used. “We were stunned,” says O’Sullivan. “We had no expectation that in 2016 these companies would be selling keyboards with no encryption.”
In a detailed website Bastille created to document their attack and the vulnerabilities it exploited, they list keyboards from HP, Toshiba, Radio Shack, Kensington, Insignia, General Electric, Anker and EagleTec as vulnerable to Keysniffer. Instead of connecting to computers via Bluetooth, which is standardized and has undergone extensive security testing, all of these devices use one generic alternative …