Mousejack Public Advisories

The plain-text public advisories can be found at CERT/CC VU#981271.

Remediation

– Immediately disconnect all affected USB dongles, and use wired keyboards and mice instead.

– If you are using affected Logitech or ‘Lenovo 500’ devices, please update your firmware by referring to the appropriate instructions (see appropriate Vendor Response links above).

Dongles from other vendors were not found to support upgrading of firmware, so it does not appear possible to patch them. Therefore it is recommended that users contact their preferred vendor and inquire into which models are not vulnerable for future purchases.

Tools

The Bastille Threat Research Team is releasing free, open source tools to enable interested parties to discover wireless mice and keyboards that may be vulnerable to MouseJack.

Please refer to: https://github.com/rfstorm/mousejack

A Python-based sniffer is available, and will output raw frames to the console:

An Android application for sniffing has been developed and is now available:

T I M E L I N E

DateEvents
2015 November 24thInitial vendor disclosure
2016 January 11thCERT/CC advisory sent
2016 February 23rdPublic disclosure
2016 February 24thCERT/CC releases advisoriesAdded Logitech & Lenovo firmware update links
2016 February 25thUploaded statement from Dell