Using a wireless mouse or keyboard? They can be hijacked from up to 100 yards away

By Jon Martindale Published February 23, 2016

Although wireless peripherals have the potential to de-clutter your desk and untether you from your system, it turns out they also represent a glaring hole in your digital security. Mice, keyboards and other wireless peripherals from a number of hardware manufacturers are vulnerable to a particular hack called MouseJack, which could see your hardware being taken over from up to 100 yards away.

The MouseJack vulnerability stems from the lack of encryption of the wireless signal of most wireless USB hardware as it’s transferred from the peripheral to the wireless base station. It is quite simple to add additional information to alter how a movement is interpreted, or worse still, send commands while a user isn’t there to see it.

Recommended Videos

The flaw is said to be applicable to many peripherals from Amazon, Dell, Gigabyte, HP, Lenovo, Logitech and Microsoft (as per PCWorld). The reason for their susceptibility to the attack, is that they all utilize the same Nordic Semiconductor chips. Some of those chips support encryption and can therefore implement some sort of patch or fix for it – many are already working on it – but those without chips that can support obfuscation may be forced to leave users in a vulnerable state.

Logitech has already released a fix for its affected devices. Dell believes it is unlikely to be utilized as an attack vector, and does not plan to release a patch at this time.

Fortunately, the attack method isn’t foolproof. Hackers would need to be within that 100 yard radius and also need a direct line of sight to the wireless base station, which is far from ideal in most scenarios. If a wireless antenna is used, however, that range can be extended further, and even pass through walls and windows.

There’s also the matter of knowing what commands to send. Presumably, a potential attacker would need to know what the victim was doing to insert harmful commands. That’s not impossible, but it certainly makes the attack more difficult to execute. MouseJack seems more likely to be used as a means of pranking co-workers than a harmful attack.

But hackers are an ingenious bunch, and often use seemingly minor vulnerabilities to achieve impressive results. We hope most companies take Logitech’s approach, and patch the problem.

Topics

Former Digital Trends Contributor

Jon Martindale is a freelance evergreen writer and occasional section coordinator, covering how to guides, best-of lists, and…

Computing

SanDisk’s latest drive sets new benchmark for consumer NVMe SSDs

The SanDisk WD Black SN8100 PCIe Gen 5 SSD with and without heatsink variants

SanDisk has officially introduced the WD Black SN8100, its latest high-end PCIe Gen 5 NVMe SSD targeting PC enthusiasts, gamers, and professional users. With sequential read speeds of up to 14,900 MB/s and write speeds of 14,000 MB/s, the drive sets a new bar for consumer SSD performance, surpassing some of the best NVMe SSDs currently on the market, including the Crucial T705.

The SN8100 uses a standard M.2 2280 form factor and is available in capacities of 1TB, 2TB, 4TB, and 8TB. It’s worth noting that the 1TB model offers lower write speeds, up to 11,000 MB/s, compared to the higher-capacity versions, which reach up to 14,000 MB/s.

Computing

Pairing the RTX 5090 with a CPU from 2006? Nvidia said ‘hold my beer’

RTX 5090.

Nvidia's best graphics cards are often paired with expensive CPUs, but what if you want to try a completely mismatched, retro configuration? Well, that used to be impossible due to driver issues. But, for whatever reason, Nvidia has just removed the instruction that prevented you from doing so, opening the door to some fun, albeit nonsensical, CPU and GPU combinations.

The instruction in question is called POPCNT (Population Count), and this is a CPU instruction that also prevents Windows 11 from being installed on older hardware. Its job is counting how many bits are present in a binary number. However, as spotted by TheBobPony on X (Twitter), POPCNT will not be a problem for Nvidia's latest graphics cards anymore.

Computing

AMD’s upcoming CPU could offer bonkers gaming performance

A fake and real AMD Ryzen 7 9800X3D side by side.

AMD's Zen 5 architecture has been a popular choice for gamers due to its outstanding performance and 3D V-Cache capacity, and now a leak suggests Zen 7 could double down on that through a new "3D Core." According to YouTuber Moore's Law is Dead, "[AMD] is moving toward a lot of official variants."

AMD reportedly plans to launch a single overall architecture, divided into different product categories, including the expected lineup: Classic Cores, Dense Cores, Efficiency Cores, and Low-Power Cores. The 3D Core is the latest addition, and it is said to "require full cache chiplets" that "seem to be leading to profound performance increases."