Companies Ready to Face Mousejack Attacks than Upgrade Wireless Mice

The MouseJack security flaw led to users' awareness about the probable dangers arising from any wireless keyboard else mouse, within organizations. A hacker just short distance away, say 100 meters, can dispatch bundles onto an attached device to create keystrokes on target PC instead of generating mouse clicks. Soon the hacker could load malware, particularly perilous rootkits within seconds.

Discoverer of the problem Bastille the firm states cyber-criminals may exploit any of the vulnerabilities within the current protocol, while issue bogus commands for an USB dongle that likely can't validate the data its paired machine sends, thereby it issues the instructions its neighboring computer on the network.

Microsoft handled the MouseJack flaw last week via the release of one optional update, which doesn't let the MouseJack attacks to work in the context of a few wireless mice that Microsoft manufactures.

Senior expert in the security industry Chris Rouland who founded Bastille told Threatpost that there's a Python code of only 15 lines in the attacks which work against Mac OS X, Linux or Windows.

The problem, like in the case of other connected, embedded gadgets, involves the possibility that several of these gadgets won't or can't get updated. An update was first provided from Logitech for its USB sticks; nonetheless, a few end-users reported having problems with it. Microsoft too released an optional update which, according to the company, would sieve and separate QWERTY key frames within any keystroke communication from USB stick to wireless mice and vice-versa. Threatpost.com posted this, April 19, 2016.

A survey by Bastille on its online site regarding awareness and rectification of MouseJack revealed that among the 900 surveyed, 75% were, to say the minimum, slightly worried about the flaw, while 50% stated they would do one of the things i.e. patch else purchase one more secured gadget, and 30% stated they'd follow the old school method of purchasing one wired mouse.

Considering that Bastille's chief executive disclosed to ThreatPost of Kaspersky about how fresh proof-of-concept code along with tools let the company's researchers to increase MouseJack attacks' distance from 100 meters to 225, it's time to be serious about MouseJack.

» SPAMfighter News - 4/27/2016