What is MouseJack?
MouseJack is a class of vulnerabilities that affects the vast majority of wireless, non-Bluetooth keyboards and mice. These peripherals are ‘connected’ to a host computer using a radio transceiver, commonly a small USB dongle. Since the connection is wireless, and mouse movements and keystrokes are sent over the air, it is possible to compromise a victim’s computer by transmitting specially-crafted radio signals using a device which costs as little as $15.
An attacker can launch the attack from up to 100 meters away. The attacker is able to take control of the target computer, without physically being in front of it, and type arbitrary text or send scripted commands. It is therefore possible to perform rapidly malicious activities without being detected.
The MouseJack exploit centers around injecting unencrypted keystrokes into a target computer. Mouse movements are usually sent unencrypted, and keystrokes are often encrypted (to prevent eavesdropping what is being typed). However the MouseJack vulnerability takes advantage of affected receiver dongles, and their associated software, allowing unencrypted keystrokes transmitted by an attacker to be passed on to the computer’s operating system as if the victim had legitimately typed them.
The public advisories have been registered with CERT.
Q: What are the potential dangers of MouseJack?
A: MouseJack is essentially a door to the host computer. MouseJack can be used to remotely take over a computer, insert malware, and potentially infiltrate a network. How can people find out if their device is at risk? View a full list of affected devices.
Q: Who discovered MouseJack?
A: Marc Newlin, a member of Bastille’s Threat Research Team. Bastille’s research team is made up of RF and cybersecurity experts including the top 4 finalists of the DARPA Spectrum Challenge.
Q: What does the MouseJack discovery say about the current state of IoT security?
A: The MouseJack discovery validates the thesis that the IoT is being rolled out with wireless protocols that have not been through sufficient security vetting.
Q: Who is at risk of being targeted by the MouseJack vulnerability?
A: From global enterprises to individuals, anyone using an affected wireless mouse runs the risk of being a victim of a potential hack.
Q: Is there a MouseJack fix? What can consumers do to protect themselves?
A MouseJack fix is the responsibility of the device manufacturers. Consumers should check with their vendors to see if a fix exists. If a fix does not exist, consumers should consider replacing their device with a secure one. Find the list of affected devices here.
Q: I have a Bluetooth keyboard/mouse. Am I vulnerable?
A: Not from MouseJack. Bluetooth uses a completely different transmission and encryption system that is not vulnerable to this attack.
Q: How long does it take to hack my laptop with MouseJack?
A: A MouseJack compromise can take place in seconds. Don’t think of an attacker needing to use your keyboard/mouse for minutes looking through your interesting emails. In around ten seconds, your computer can be altered to allow an attacker to remotely download documents, all your emails, and add or delete programs.
Q: Why would anyone care about attacking me on my laptop?
A: There are two plausible scenarios:
PERSONAL ATTACK: Identity theft is an increasing problem that can result in a negative credit rating and expensive legal battle to reclaim what is rightfully yours. Criminals are becoming increasingly sophisticated in how they piece together the necessary information to pretend to be you.
COMPANY ATTACK: Once your laptop is ‘MouseJacked’, malicious software can be installed that will remain dormant until you connect to your corporate network. The software will attempt to replicate across the rest of the computers connected to that network, exfiltrating sensitive documents and user credentials – this is modern corporate espionage.
Q: Where is my laptop vulnerable?
A: Your laptop can be ‘MouseJacked’ from up to 100 metres away. You could be in the office and a visitor hacks you from reception, you could be at home and a hacker attacks you from the street, you could be in a coffee shop and another customer hacks you. The same threat exists at an airport, or on a plane, or in many other situations.
Bottom line: If your computer is turned on, and a vulnerable dongle is attached, it could be vulnerable to MouseJack.