By our estimation, this means a mouse could let a RAT onto your computer.
If you are a user of an HP Inc wireless mouse/keyboard combo and the cursor starts behaving badly, that means someone might be trying to prank you.
This is because the wireless mouse in the ERK-321A bundle is not encrypted: anyone can sniff the signals from it, learn its protocol and commands, and then inject their own signal to perform a spoofing attack.
The German pentesters Syss have reported the bug to the HP Inc in March, since they got no response, they choose to go public yesterday.
They have used a Logitech USB radio dongle, the research firmware from Bastille and custom software to create their own proof-of-concept.
With this, if a user’s workstation is unlocked, the pentesters can send “a list of the mouse actions that start the virtual on-screen keyboard of the operating system and then execute arbitrary commands in the context of the currently logged-in user, for instance, download and execute an attack vector.”
If the attacker can have a look at the victim’s screen by some way, it is easy, but the notice says that a bit of extra heuristic smarts can run an attack even without having to look at the screen: with heuristics.
Take your time to comment on this article.