Your HP Wireless mouse can be Spoofed; Be careful

By our estimation, this means a mouse could let a RAT onto your computer.

If you are a user of an HP Inc wireless mouse/keyboard combo and the cursor starts behaving badly, that means someone might be trying to prank you.

This is because the wireless mouse in the ERK-321A bundle is not encrypted: anyone can sniff the signals from it, learn its protocol and commands, and then inject their own signal to perform a spoofing attack.

The German pentesters Syss have reported the bug to the HP Inc in March, since they got no response, they choose to go public yesterday.

They have used a Logitech USB radio dongle, the research firmware from Bastille and custom software to create their own proof-of-concept.

With this, if a user’s workstation is unlocked, the pentesters can send “a list of the mouse actions that start the virtual on-screen keyboard of the operating system and then execute arbitrary commands in the context of the currently logged-in user, for instance, download and execute an attack vector.”

If the attacker can have a look at the victim’s screen by some way, it is easy, but the notice says that a bit of extra heuristic smarts can run an attack even without having to look at the screen: with heuristics.

Take your time to comment on this article.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients