How It Works
To understand how this hijack works, let’s take a look at how the wireless adapters operate. You plug the adapter into a USB port and turn on your wireless mouse or keyboard. As you use the mouse or keyboard, it tells your receiver what it’s doing, such as when you move the mouse, click a button, or type a key.
Theoretically, this opens up an avenue for exploitation. If you can imagine someone connecting to your wireless adapter and pretending to be a wireless mouse or keyboard, they would then have control over the mouse and keyboard of that user’s computer. They can then use this control to perform undesirable actions on that computer. But surely manufacturers thought of this and built defenses into their adapters. This is true; not all wireless keyboards and mice have this flaw. However, some do, and there’s a story behind how this flaw slipped the Net.
How This Happened
According to Wired, the reason these devices are so open to spoofed inputs is due to a chip made by Nordic Semiconductor. Nordic sold the chips to manufacturers without any security on them. The idea is that Nordic placed the option for security on the chips and allowed the manufacturers to code their own security measures. Unfortunately, some manufacturers of wireless keyboards and mice didn’t take full advantage of this feature. The result are some chips that were sold to consumers came with less-than-stellar security on them. The security flaw comes in two levels. The first is when the data is “unencrypted”, allowing hijackers to read and send data to the adapter. The second is when data is encrypted but doesn’t properly check if the device it’s receiving commands from is legitimate. In this case, should the encryption be cracked, hackers could send data with very little problem.
The Attack
So, let’s assume someone is using one of these vulnerable adapters. How would one of these hacks play out? First of all, a hacker intending on hijacking a wireless adapter does not need expensive specialised equipment. Just a $15 antenna and a few lines of Python code grants them access to any adapter within a 100 meter radius. The adapter used in the Wired article looked like the following image.
Not something you’d easily spot in a public place! Once a hacker locates an open adapter, they can do one of two things:
They can begin to send data to the adapter to mimic keyboard and mouse behaviour. At this point they can redirect the user’s computer in ways the user may not want them to. A destructive hacker may delete files and folders, while a more cunning one will direct the victim’s computer to download and install malware. Otherwise, they can access the adapter and use it to look at what you’re inputting. This means any passwords or vital information typed by the wireless keyboard can be read by the hacker and be used to log in to sensitive accounts.
People often keep computers disconnected from the Internet to prevent these kinds of attacks happening. Unfortunately, with a vulnerable wireless adapter installed, it’s not as safe as first hoped!
How to Defend Yourself
So, what can you do to help protect against these kinds of attacks?
Check Your Device
First of all, you need to make sure that the device you’re using is actually vulnerable to attacks. Some manufacturers didn’t put in adequate security into their products, but not all. There’s a chance that you own a device which has proper security installed already. To check if your device is susceptible to this hacking method, check this link and this link to see if your device is listed.
Update Firmware
If it’s not there, then everything’s fine. But what if your device is listed – what do you do then? First of all, check to see if your device has a firmware update that fixes this exploit. You can do this by going to the website of the company that supplied your hardware and checking their drivers section for downloads. When you download a driver, make sure the notes state specifically that it fixes this issue.
Go Wired
You may find, however, that the manufacturer has long abandoned your device for updates and that you’re out of luck. So now what? Go wired, of course! They can try as hard as they can, but hackers won’t be able to hack a wired connection through the air. It’s absolutely your safest bet for keeping your hardware safe from hijacking.
Find A Stronger Device
If going wired is not an option, you can consider purchasing hardware where adequate security is present on the device. Check up on vendors that don’t appear on the vulnerable devices lists and purchase the product they sell. You can also use a Bluetooth device if your computer uses it, but you need to be aware of the security issues surrounding Bluetooth as well.
Lock Your PC
If you’re truly stuck for options, locking your computer while unattended will at least keep it from being used while you’re not watching it. It still won’t stop keyloggers from getting information, and it may feel like delaying the inevitable, so it’s not ideal.
Keeping Safe
While this method of hijacking your computer sounds very scary, being knowledgeable on what devices are affected and taking action can protect you. Do you know of any cases where someone’s wireless devices were hijacked? Does it scare you, or do you feel it’s too troublesome to work in a real life scenario? Please let us know in the comments.