YIBADA

KeySniffer attack allows hackers to sniff out passwords from unencrypted wireless keyboards

| Jul 27, 2016 01:35 PM EDT

Computer Hackers Meet For Annual Congress

Security experts from the Bastille Research Team have discovered that the cheap wireless keyboards can actually be used by hackers to remotely sniff what an unsuspecting user is typing.

Hackers can actually remotely see what a user with a wireless keyboard is typing in plain text. For instance, a user who is typing their password can unknowingly give it to the hackers at least 250 feet away.

What allows the hackers to remotely "see" what a user with a wireless keyboard is typing is the lack of encryption which makes the hackers able to tap in the communication between the keyboard and the wireless dongle. Researcher Marc Newlin said that the lack of encryption also allows the hackers to send their own keystrokes even without the knowledge of the user themselves, Computerworld has learned.

Not only will the hackers be able to see the passwords and other sensitive messages of the user, but they will also be able to compromise the computer remotely by trying to override security systems through their own keystrokes. The problem lies in the manufacturer's decision to reduce costs by not including encryption technology on their wireless keyboards.

The researchers dubbed the discovery as KeySniffer which pertains to the hackers' ability to sniff out the passwords and other sensitive data from the users remotely. There were 12 manufacturers tested for KeySniffer and some famous brands had been discovered to have no encryption on their wireless keyboards, according to a press release.

Some of the brands that had no encryption include EagleTec, General Electric, Anker, Radio Shack, Kensington, Toshiba and even Hewlett-Packard. Hackers can just quickly scan whether there are any vulnerable wireless keyboards in the area.

What's worse is that the KeySniffer can even be used to hack into a computer even if the user is not around. The hackers will just need to find an idle wireless keyboard and use it to enter credentials or malicious codes into the user's system.

In order to protect one's self from KeySniffer attacks, users must try and avoid the unencrypted wireless keyboards at all cost. For a more secure setup, users should just buy a wired keyboard and mouse instead to prevent hackers from sniffing.

Related News

Most Popular

EDITOR'S PICK