Skip to main content
  1. Home
  2. Computing
  3. News

FBI finally warns private businesses about snooping KeySweeper devices

Kevin Parrish
By
KeySweeper - covert Microsoft wireless keyboard sniffer using Arduino and nRF24L01+
The FBI’s Cyber Division is just now getting around to warning the private industry about a fake USB device charger that can log the keystrokes of certain wireless keyboards. The government is talking about KeySweeper, which was first revealed as a proof-of-concept attack platform by
Recommended Videos
Samy Kamkar 15 months before the FBI’s current notification. Kamkar used a USB-based phone charger in his demonstration to show how this platform could reside anywhere and steal/decrypt keystrokes from any Microsoft-branded wireless keyboard in the vicinity.

“If placed strategically in an office or other location where individuals might use wireless devices, a malicious cyber actor could potentially harvest personally identifiable information, intellectual property, trade secrets, passwords, or other sensitive information,” the FBI warns. “Since the data is intercepted prior to reaching the CPU, security managers may not have insight into how sensitive information is being stolen.”

According to Kamkar, the fake wireless device charger can use an internal battery, allowing it to sniff and log Microsoft wireless keyboard transmissions even when its unplugged from the wall and seemingly shut off. Collected data can be stored locally on a flash-based chip too, or sent over a GSM-based cellular network like AT&T and T-Mobile. Two KeySweeper devices can even exchange information wirelessly, and there’s a web-based tool for live keystroke monitoring as well.

The sneaky KeySweeper device created by Kamkar featured a 3.3v Arduino Pro Mini microcontroller, a nRF24L01+ RF chip that communicated using GFSK over the 2.4GHz band, and an AC USB charger for converting AC power to 5v DC. Optional components include an SPI Serial Flash chip for storing keystrokes, the Adafruit FONA board for using a 2G SIM card, and a 3.7v LiPo or LiOn battery for power when disconnected from a wall outlet.

KeySweeper’s primary code resides on the microcontroller while live monitoring of wireless keyboards is enabled by way of a web-based backend. This backend provides a web interface and uses PHP and JQuery to log all keystrokes. He also modified the Adafruit FONA library that enables the FONA to detect a new text message, and created a JQuery Terminal plugin that makes keyboard monitoring easier.

Microsoft wireless keyboards use a proprietary 2.4GHz RF protocol. To figure out the actual wireless language, Kamkar ripped apart a Microsoft wireless keyboard and examined the chip responsible for its wireless connectivity. He bought the exact same chip off eBay, and later began to build the actual USB charger device, as shown in a step-by-step tutorial here. Essentially, just about anyone can build this device on the cheap.

In his proof-of-concept, Kamkar reveals that his invention will send SMS alerts when the target wireless keyboard broadcasts specific keystrokes, such as the URL to a bank. He also acknowledges that KeySweeper is actually an extension of work previously done by Travis Goodspeed, and work by Thorsten Schroder and Max Moser.

Why the FBI has waited until now to warn the private industry about KeySweeper is unknown. However, the agency points out that the Microsoft wireless keyboards subject to keystroke sniffing are manufactured before 2011, but are still currently on the market to purchase. Kamkar claims that his device can sniff out any Microsoft wireless keyboard transmission, so private companies should keep an eye out for suspicious wireless chargers lounging around no matter what year the Microsoft keyboard was made.

Topics
Kevin Parrish
Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
This Lenovo ThinkPad laptop with 32GB of RAM is 35% off right now
lenovo thinkpad t16 laptop deal april 2024 promotional render

Lenovo often has some of the best laptop deals around with the current price on the Lenovo ThinkPad T16 Gen 2 one of the more appealing right now. Usually priced at $2,069, it’s down to $1,345 for a limited time only. Granted, the original price is one of Lenovo’s estimated value system prices so it may be overly optimistic but whatever the true discount, $1,345 is a great price for a system packed with great hardware. If you want to learn more about it, scroll down while we take you through everything.

Why you should buy the Lenovo ThinkPad T16
Lenovo is one of the best laptop brands for business laptops and the Lenovo ThinkPad T16 Gen 2 is a perfect example of that for work purposes. It has an AMD Ryzen 7 Pro 7840U processor along with a huge 32GB of memory. There’s also 1TB of SSD storage so you won’t run out of room for all your most valuable files.

Read more
This mini PC, and I do mean mini, has a Ryzen 7000 tucked inside for $200 off
Geekom A7 Mini PC with AMD Ryzen 7 for gaming showcased.

Computing, or small computing, has come a long way in recent years. Thanks to renewed interest in more manageable desktop sizes, even for PC gaming, we've seen a boon in the small PC world, namely with small form factor PCs (SFFPCs). For good reason, people are more interested in systems that take up less space, are more efficient, especially with energy usage, and can be placed in new areas, like their living rooms. There is now a whole category of small and mini PCs, and although they are bite-sized, they still pack a punch. Take Geekom's A7 Mini PC, which has an AMD Ryzen 7000 series tucked inside. That's no slouch on its own, but it also has 64GB of DDR5 RAM, WiFi 6E, and AMD Radeon graphics that supports up to four displays. All of that is packed inside an ultra-slim, space-saving case about the size of a book. Incredible. The top-tier model is currently $200 off, down to $649 instead of $849, when you use code digitaltrendsa7 at checkout. That code is valid in the US and the UK.

 
Why you should buy the Geekom A7 Mini PC

Read more
No, you shouldn’t just buy whatever Brother printer is cheapest
The Brother MFC-J1205W's off-white color looks nice in a home office.

Printers aren't the most exciting tech products in the world. I get it. Most of us don't use them all that often and just need the cheapest one that'll get the job done.

That’s the point a recent tongue-in-cheek article from The Verge made, declaring in a buying guide that “the best printer is still whatever random Brother laser printer that’s on sale.” The subtext: Printers have stagnated, and anyone trying to convince you otherwise is fishing for clicks on Google. But if you’ve ever purchased a car that wasn’t a Toyota Corolla, maybe you’d agree that “the best for most people” isn’t always the best for you.

Read more