+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Hackers Can Use A $10 Wall Charger To Intercept Anything Typed On Wireless Microsoft Keyboards

Jan 13, 2015, 15:49 IST

Advertisement

A security researcher claims to have developed a USB wall charger that can eavesdrop on almost any wireless Microsoft keyboard, VentureBeat is reporting - and he's released instructions on how to build it online.

The device, called the KeySweeper, masquerades as a working USB wall charger. However, it secretly monitors any Microsoft wireless keyboards within range and "passively sniffs, decrypts, logs and reports back" everything typed on them, its creator alleges. It could be used to record passwords and bank details, or capture confidential documents as they're being typed.

The security flaw has been highlighted by Samy Kamkar, a security researcher and entrepreneur who has previously flagged up issues with Parrot drones, illicit smartphone tracking and the PHP programming language. The device can be built for as little as $10, with optional features including sending SMS alerts when keywords are entered, and an internal rechargeable battery - meaning the device can keep logging keystrokes even when unplugged.

Microsoft wireless keyboards encrypt their data before sending it wirelessly, but Kamkar claims to have discovered multiple bugs that make it easy to decrypt. The researcher hasn't tested it on every Microsoft wireless keyboard, but he believes that due to similarities between them, they will all be affected.

A Microsoft spokesperson told VentureBeat that they "are aware of reports about a 'KeySweeper' device and are investigating."

Advertisement

Kamkar hasn't just highlighted the vulnerability - he's released detailed instructions on how to build the device on GitHub. He's also produced a half-hour video on KeySweeper, which you can watch below:

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article