The following devices have been tested and are vulnerable to a KeyJack injection attack (specifically vulnerabilities that pertain to Bastille Threat Research Team Tracking Number #13). To help determine whether you have an affected device connected to your system, please compare the following device models and USB IDs to your own:
| Vendor | Device | Vulnerability | Vendor response |
| --- | --- | --- | --- |
| AmazonBasics | Wireless Keyboard; USB Dongle (USB ID 04f2:1130) | #13 Encrypted Keystroke Injection | |
| Dell | Dell KM714 Wireless Keyboard and Mouse Combo, KM714 USB dongle (USB ID 046d:c52b); KM632 Wireless Mouse, USB dongle (USB ID 413c:2501) | #13 Encrypted Keystroke Injection (KM632); #13 Encrypted Keystroke Injection (KM714) | |
| Lenovo | Ultraslim Wireless Keyboard; Ultraslim Dongle (USB ID 17ef:6032) | #13 Encrypted Keystroke Injection | LEN-7267 |
| Logitech | K400r; Logitech Unifying Dongles C-U0007 (FW ver 012.005.00028) & C-U0008 (FW ver 024.003.00027) (both USB ID 046d:c52b) | #13 Encrypted Keystroke Injection | Firmware Update |
Note: links were updated at time of discovery; vendors may have changed links without alerting us.
Although the Bastille Threat Research Team endeavored to test a variety of models of wireless keyboard from multiple vendors, it is not possible to acquire and test every model available on the market. There may be other models and vendors that are affected by this class of vulnerability, so the list should not be considered definitive.
The plain-text advisories can be found above.
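To make the USB ID comparison described above repeatable across many hosts, the following added example (not part of the original advisory or the Bastille tools) parses `lsusb` output and flags any ID from the table. It assumes a Linux host with `lsusb`; the sample output embedded in it is constructed.

```python
import re
import shutil
import subprocess

# USB IDs taken from the affected-device table on this page (tracking number #13).
AFFECTED = {
    "04f2:1130": ["AmazonBasics Wireless Keyboard USB dongle"],
    "046d:c52b": ["Dell KM714 USB dongle",
                  "Logitech Unifying dongle C-U0007 / C-U0008"],
    "413c:2501": ["Dell KM632 USB dongle"],
    "17ef:6032": ["Lenovo Ultraslim dongle"],
}

# lsusb line format: "Bus 001 Device 004: ID 046d:c52b Logitech, Inc. ..."
LSUSB_LINE = re.compile(
    r"^Bus (\d+) Device (\d+): ID ([0-9a-fA-F]{4}:[0-9a-fA-F]{4})\s*(.*)$")


def find_affected(lsusb_text):
    """Return (bus, device, usb_id, description, listed_models) for each listed ID."""
    hits = []
    for line in lsusb_text.splitlines():
        m = LSUSB_LINE.match(line.strip())
        if not m:
            continue  # skip blank or unparseable lines
        bus, dev, usb_id, desc = m.groups()
        usb_id = usb_id.lower()  # normalise case before the lookup
        if usb_id in AFFECTED:
            hits.append((bus, dev, usb_id, desc, AFFECTED[usb_id]))
    return hits


# Constructed sample output, used only when lsusb is not installed.
SAMPLE = """\
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 004: ID 046d:c52b Logitech, Inc. Unifying Receiver
Bus 001 Device 003: ID 17ef:6032 Lenovo
Bus 001 Device 002: ID 0bda:5411 Realtek Semiconductor Corp.
"""

if __name__ == "__main__":
    if shutil.which("lsusb"):
        text = subprocess.run(["lsusb"], capture_output=True, text=True).stdout
    else:
        text = SAMPLE
    for bus, dev, usb_id, desc, models in find_affected(text):
        print(f"Bus {bus} Device {dev}: {usb_id} {desc}")
        print("  listed as: " + "; ".join(models))
```

The table gives specific firmware versions for the Logitech dongles, so a hit on 046d:c52b identifies a dongle whose firmware version still needs checking rather than a confirmed vulnerable device.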
Remediation
- Immediately disconnect all affected USB dongles, and use wired keyboards and mice instead.
- It is recommended that users contact their preferred vendor and inquire into which models are not vulnerable for future purchases.
Tools
The Bastille Threat Research Team is releasing free, open source tools to enable interested parties to discover wireless mice and keyboards that may be vulnerable to KeyJack.
Please refer to: https://github.com/BastilleResearch/keyjack
A Python-based sniffer is available, and will output raw frames to the console:
An Android application for sniffing has been developed and is now available: