Roj Bash Kurdistan

[Anthea]

Daily Mail

Are YOU at risk? Wireless mouse flaw lets hackers 'Mousejack' your PC

Security experts have warned of a major flaw in the wat wireless mice and keyboards work.

They say 'billions of PC's and millions of networks' are vulnerable to being hijacked.

One user has even revealed the shocking moment his machine was taken over

ARE YOU AT RISK?

Consumers will need to check with their vendor to determine if a fix is available or consider replacing their existing mouse with a secure one, MouseJack said.

Comprehensive information on the vulnerability and a list of vendors known to be affected by MouseJack is available at:

http://www.mousejack.com

Using an attack which security firm Bastille researchers, who found the flaw, have named 'MouseJack,' malicious actors are able to take over a computer through a flaw in wireless dongles.

Once paired, the MouseJack operator can insert keystrokes or malicious code with the full privileges of the PC owner and infiltrate networks to access sensitive data.

The attack is at the keyboard level, therefore PC's, Macs, and Linux machines using wireless dongles can all be victims.

Notable wireless keyboard and mouse manufacturers affected by the MouseJack discovery include: Logitech, Dell and Lenovo, but most non-Bluetooth wireless dongles are vulnerable.

'MouseJack poses a huge threat, to individuals and enterprises, as virtually any employee using one of these devices can be compromised by a hacker and used as a portal to gain access into an organization's network,' said Chris Rouland, founder, CTO, Bastille.

'As protocols are being developed so quickly, they have not been through sufficient security vetting.

'The top 10 wearables on the market have already been hacked and we expect millions more commercial and industrial devices are vulnerable to attack as well.

'MouseJack underscores the need for security across the entire RF spectrum as exploitation of IoT devices via radio frequencies is becoming increasingly popular among the hacker community.'

The $15 dongle needed to carry out the attack

The attack is at the keyboard level, therefore PC's, Macs, and Linux machines using wireless dongles can all be victims.

The MouseJack vulnerability affects a large percentage of wireless mice and keyboards, as these devices are ubiquitous and often found in sensitive environments.

While some vendors will be able to offer patches for the MouseJack flaw with a firmware update, many dongles were designed to not be updatable, the firm says.

'Wireless mice and keyboards are the most common accessories for PC's today, and we have found a way to take over billions of them,' said Marc Newlin, Bastille's engineer responsible for the MouseJack discovery.

'MouseJack is essentially a door to the host computer.

'Once infiltrated, which can be done with $15 worth of hardware and a few lines of code, a hacker has the ability to insert malware that could potentially lead to devastating breaches.

'What's particularly troublesome about this finding is that just about anyone can be a potential victim here, whether you're an individual or a global enterprise.'

http://www.dailymail.co.uk/sciencetech/ ... otely.html