Your HP Wireless mouse can be Spoofed; Be careful


By our estimation, this means a mouse could let a RAT onto your computer.

If you are a user of an HP Inc wireless mouse/keyboard combo and the cursor starts behaving badly, that means someone might be trying to prank you.

This is because the wireless mouse in the ERK-321A bundle is not encrypted: anyone can sniff the signals from it, learn its protocol and commands, and then inject their own signal to perform a spoofing attack.

The German pentesters SySS reported the bug to HP Inc in March; since they got no response, they chose to go public yesterday.

They used a Logitech USB radio dongle, the research firmware from Bastille and custom software to create their own proof-of-concept.

With this, if a user’s workstation is unlocked, the pentesters can send “a list of the mouse actions that start the virtual on-screen keyboard of the operating system and then execute arbitrary commands in the context of the currently logged-in user, for instance, download and execute an attack vector.”

If the attacker can see the victim’s screen, the attack is easy, but the notice says that with a bit of extra heuristic smarts an attack can be run even without having to look at the screen.


Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]
