MouseJack Attack


What is a MouseJack?

A MouseJack is a type of wireless hacking attack that targets wireless mice and keyboards using non-Bluetooth radio communication, typically via USB dongles operating in the 2.4 GHz range. These devices often lack proper encryption or authentication, making them vulnerable to spoofing—allowing attackers to inject keystrokes or mouse movements remotely.

Ever Heard of a MouseJack Attack?

You’re at work, sitting at your desk in front of your computer, aimlessly scrolling through Twitter. Suddenly, you see that you’ve just “liked” a picture posted by someone you went to school with 15 years ago—awkward! But you’re certain you didn’t click anything. You’re careful about these things. Then, you notice something being typed into the search bar… and it’s not you doing the typing.

What’s going on? Who’s doing this? How are they doing it?

The answer lies in that little USB dongle plugged into your computer. It connects your wireless mouse and keyboard—but it’s been compromised. In place of your original, benign dongle, there’s now a malicious $15 USB device. This rogue device allows an attacker to impersonate your mouse or keyboard and interact with your computer from up to 100 meters away.

This is known as MouseJacking. By exploiting weak or nonexistent encryption in certain wireless peripherals, hackers can inject fake mouse movements and keystrokes to take control of a computer, executing commands, launching programs, or even installing malware. And just like that, you’re not the one clicking, someone else is.

Why Is MouseJacking a Risk for Organizations?

In a more perilous situation, the hacker might perform a MouseJack attack (a hardware attack) on a target organization in order to obtain sensitive information or compromise the network. By impersonating the mouse and keyboard, the malicious actor can install ransomware and rootkits, or copy files off the computer in seconds, with damaging consequences for the victim.

In addition to performing these actions, the USB dongle also receives the information describing the actions of the user, such as how they move their mouse and which keys they are pressing on the keyboard. With this, the attacker can obtain sensitive information such as usernames, passwords, security question answers and credit card information. By acquiring login credentials, the hacker can access the network and cause further damage. In instances where they steal credit card information, they can sell it on the black market and engage in credit card fraud.

An organization can face significant danger from a MouseJack attack because it enables a malicious actor to infiltrate without detection. The computer won’t identify the device’s malicious intent in such cases. Being recognized as a genuine HID (Human Interface Device) means that this hardware device will not raise any security alarms, and the organization will not know that it is being attacked until it is too late.
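Because the operating system accepts any HID without question, a defender has to ask for the inventory explicitly. The following is an added example, not part of the original article and not Sepio's code: it assumes a Linux endpoint with the standard sysfs USB layout, lists every USB device that exposes a HID interface and reports those not on an allowlist. The function names, the allowlist and the sample device IDs are constructed for illustration.

```python
import os
import tempfile

HID_CLASS = "03"  # USB interface class code for Human Interface Devices

def read_attr(*parts):
    """Return a sysfs attribute's stripped contents, or '' if it is absent."""
    try:
        with open(os.path.join(*parts)) as fh:
            return fh.read().strip()
    except OSError:
        return ""

def list_hid_devices(root="/sys/bus/usb/devices"):
    """Return one record per USB device exposing at least one HID interface."""
    found = {}
    for entry in sorted(os.listdir(root)):
        # Interface entries look like "1-2:1.0"; the device is the part before ':'.
        if ":" not in entry or read_attr(root, entry, "bInterfaceClass") != HID_CLASS:
            continue
        dev = entry.split(":", 1)[0]
        vid, pid = read_attr(root, dev, "idVendor"), read_attr(root, dev, "idProduct")
        found[dev] = {"port": dev, "id": f"{vid}:{pid}".lower(),
                      "product": read_attr(root, dev, "product")}
    return list(found.values())

def unapproved(devices, allowlist):
    """Return the HID devices whose vendor:product ID is not on the allowlist."""
    return [d for d in devices if d["id"] not in allowlist]

def build_sample_tree():
    """Create a constructed sysfs-like tree (made-up IDs) so the demo runs anywhere."""
    root = tempfile.mkdtemp()
    sample = {
        "1-1": {"idVendor": "aaaa", "idProduct": "0001", "product": "Wired Keyboard"},
        "1-1:1.0": {"bInterfaceClass": "03"},
        "1-2": {"idVendor": "bbbb", "idProduct": "0002", "product": "2.4G Receiver"},
        "1-2:1.0": {"bInterfaceClass": "03"},  # receiver's keyboard interface
        "1-2:1.1": {"bInterfaceClass": "03"},  # receiver's mouse interface
        "1-3": {"idVendor": "cccc", "idProduct": "0003", "product": "Flash Drive"},
        "1-3:1.0": {"bInterfaceClass": "08"},  # mass storage, not HID
    }
    for entry, attrs in sample.items():
        os.makedirs(os.path.join(root, entry))
        for name, value in attrs.items():
            with open(os.path.join(root, entry, name), "w") as fh:
                fh.write(value + "\n")
    return root

if __name__ == "__main__":
    devices = list_hid_devices(build_sample_tree())
    for dev in unapproved(devices, allowlist={"aaaa:0001"}):
        print(f"unapproved HID device on port {dev['port']}: {dev['id']} {dev['product']}")
```

The check relies only on the descriptors a device reports about itself, so it is an inventory aid for locating wireless receivers, not proof that a listed device is trustworthy.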

How to Protect Against Mousejacking?

Here’s how to safeguard against wireless mouse hacking:

  • Firmware Updates: Keep the firmware of your wireless devices up-to-date. Manufacturers may release updates that address security vulnerabilities.
  • Encryption: Choose devices that use strong encryption protocols to secure communication between the device and the receiver.
  • Security Awareness: Be cautious when using wireless input devices in public spaces, as attackers would need to be in close proximity to carry out mousejacking attacks.
  • Vendor Recommendations: Follow security guidelines provided by the manufacturers of your wireless devices.

It’s important to note that while mousejacking is a potential threat, the risk varies depending on the specific make and model of the wireless devices in use.
Additionally, tools like Mouse Jigglers, often considered innocuous, can also be leveraged maliciously to bypass inactivity detection, enabling persistent unauthorized access.

Protecting Your Endpoints and Network Assets

Sepio’s Asset Risk Management provides organizations physical layer visibility into all devices operating over network and USB interfaces. It identifies hardware anomalies, mitigating threats like MouseJacking and other mouse attacks before they compromise your network.

Sepio Visibility Overview

Sepio’s policy enforcement mechanism controls hardware access through a stringent set of policies determined by the identity of the device. It promptly identifies any devices that violate the predefined policies and initiates an automatic mitigation process to prohibit the device. This effectively thwarts malicious actors from executing hardware-based attacks over USB connections, including MouseJack attacks.

Comprehensive Hardware Defense

Having comprehensive visibility into all network assets is an essential requirement for safeguarding hardware. However, the value of this information lies in the actions you can take based on it. Sepio provides immediate insights into network devices requiring attention. Through Asset DNA technology and policy rules, it alerts you to high, medium, and low risks, accelerating the resolution time and thwarting hardware-based attacks, including MouseJacking. This real-time, actionable visibility empowers your security team to gain a deeper understanding of your device attack surface and proactively manage your hardware defense.

So, that innocent mouse or keyboard that you are using might be one of your greatest security threats.

See every asset. Mitigate every risk

Talk to a Sepio expert to learn how patented technology can protect you from the dangers of wireless mouse hacking and secure your network from hardware-based threats.

December 21st, 2020