Hackers Can Spy on Wireless Keyboards From Hundreds of Feet Away
Several popular brands of wireless keyboards have been betraying their owners, broadcasting their keystrokes for savvy hackers to intercept from hundreds of feet away.
According to research published Tuesday by Bastille, a cybersecurity company, eight wireless keyboards manufactured by major electronics companies transmit information in a way that makes it possible for a hacker to eavesdrop on every sentence, password, credit card number, and secret typed on them.
Wireless keyboards generally protect their users by encrypting the data that they send back to the computers they’re paired with. That way, even if hackers try to listen in on the data stream, they’ll get nothing but an undecipherable mess. Sometimes, however, the encryption isn’t well executed: Last year, a prolific security researcher found a weakness in the encryption used by certain Microsoft keyboards, and built a small device to intercept and decode what’s being typed on them.
That’s the sort of vulnerability that Marc Newlin, a researcher at Bastille, was looking for when he set out to hack 12 popular models of wireless keyboards from brands like Hewlett-Packard, Toshiba, Radio Shack, and General Electric. What he found, though, was even more shocking than a poorly secured data connection: Some keyboards weren’t encrypting the keystrokes being tapped out on them at all.
Newlin started out by reverse-engineering the transceivers—the little USB dongles that come with wireless keyboards—to try and determine how they communicate. “I thought this was going to be just the first part of the process,” Newlin said. “It turned out after completing that step that, lo and behold, all of the keystroke data was simply being transmitted in cleartext, with no encryption whatsoever.”