University Crest

[wlug] How a wireless keyboard lets hackers take full control of connected computers

 
wlug archive index About the wlug list Mailing lists home
To The University of Waikato HomepageWaikato Home > Waikato Mailing Lists > wlug Info > wlug archives
Peter Reutemann fracpete@w...
Tue Mar 19 13:08:43 NZDT 2019


'There’s a critical vulnerability in a model of Fujitsu wireless
keyboard that makes it easy for hackers to take full control of
connected computers, security researchers warned on Friday. Anyone
using the keyboard model should strongly consider replacing it
immediately.

The Fujitsu Wireless Keyboard Set LX901 uses a proprietary 2.4 GHz
radio communication protocol called WirelessUSB LP from Cypress
Semiconductor. While the keyboard and mouse send input that’s
protected with the time-tested Advanced Encryption Standard, the USB
dongle that accepts the input accepts unencrypted packets as well, as
long as they’re in the proper format.

Researchers with the Germany-based penetration-testing firm SySS
developed a proof-of-concept attack that exploits the insecure design.
Using a small hardware device, they are able to send commands to
vulnerable Fujitsu keyboard receiver dongles that are within range. As
the video below demonstrates, the researchers were able to send input
of their choice that’s automatically funneled to the connected
computer.'

-- source: https://arstechnica.com/information-technology/2019/03/how-a-wireless-keyboard-lets-hackers-take-full-control-of-connected-computers/

Cheers, Peter
-- 
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/
http://www.data-mining.co.nz/


More information about the wlug mailing list
NOTICE: This is an archive of a public mailing list. The University of Waikato is not responsible for its contents.

The University of Waikato - Te Whare Wananga o Waikato