Skip to main content
  1. Home
  2. Computing
  3. News

Using a wireless mouse or keyboard? They can be hijacked from up to 100 yards away

Jon Martindale
By

using a wireless mouse or keyboard they can be hijacked from up to 100 yards away microsoft universal foldable typing angle
Although wireless peripherals have the potential to de-clutter your desk and untether you from your system, it turns out they also represent a glaring hole in your digital security. Mice, keyboards and other wireless peripherals from a number of hardware manufacturers are vulnerable to a particular hack called MouseJack, which could see your hardware being taken over from up to 100 yards away.

The MouseJack vulnerability stems from the lack of encryption of the wireless signal of most wireless USB hardware as it’s transferred from the peripheral to the wireless base station. It is quite simple to add additional information to alter how a movement is interpreted, or worse still, send commands while a user isn’t there to see it.

The flaw is said to be applicable to many peripherals from Amazon, Dell, Gigabyte, HP, Lenovo, Logitech and Microsoft (as per PCWorld). The reason for their susceptibility to the attack, is that they all utilize the same Nordic Semiconductor chips. Some of those chips support encryption and can therefore implement some sort of patch or fix for it – many are already working on it – but those without chips that can support obfuscation may be forced to leave users in a vulnerable state.

Logitech has already released a fix for its affected devices. Dell believes it is unlikely to be utilized as an attack vector, and does not plan to release a patch at this time.

Fortunately, the attack method isn’t foolproof. Hackers would need to be within that 100 yard radius and also need a direct line of sight to the wireless base station, which is far from ideal in most scenarios. If a wireless antenna is used, however, that range can be extended further, and even pass through walls and windows.

There’s also the matter of knowing what commands to send. Presumably, a potential attacker would need to know what the victim was doing to insert harmful commands. That’s not impossible, but it certainly makes the attack more difficult to execute. MouseJack seems more likely to be used as a means of pranking co-workers than a harmful attack.

But hackers are an ingenious bunch, and often use seemingly minor vulnerabilities to achieve impressive results. We hope most companies take Logitech’s approach, and patch the problem.

Editors' Recommendations

Sony’s new InZone gaming headsets raise the bar for PS5 audio

The Sony InZone Gaming headsets

Sony’s first gaming monitor is under $1,000 and all-in on HDR

sony launches inzone gaming monitors pxl 20220615 150759757

Lenovo ThinkPad X13s vs. MacBook Air M1: An ARM wrestle showdown

The back lid of the ARM-powered ThinkPad.

Vaio laptops are back, and they’re surprisingly affordable

Two Vaio laptops against a black background.

With Tesla bleeding money, Elon Musk initiates hardcore spending review

Tesla Model Y front

The best horror movies on Amazon Prime (July 2022)

The cast of Sleepy Hollow.

Nvidia RTX 4090 could shatter GPU speed records — but at a big cost

Graphics card inside the Maingear Vybe.

Best Apple deals and sales for July 2022

dell xps 15 vs macbook pro 16 apple ry 14 1200x9999

TweetDeck (for Mac) is dead. Here are some alternatives

The Twitter app on the Sony XPeria 5 II.

The 82 best shows on Peacock right now (July 2022)

Two officers in bomb squad uniforms in a scene from Trigger Point on Peacock.

Don’t expect a new Sly Cooper or Infamous game anytime soon, says Sucker Punch

sly cooper infamous not in development second son

Upcoming Microsoft Teams update could finally make chatting easier

Microsoft Teams on a Windows desktop.

Fortnite Chapter 3 guide: Season 3, week 4 quests and how to complete them

Character flying through Slipstream in Fortnite.