Home | Blog

MouseJack

MouseJack

Ever heard of a MouseJack Attack? You are at work, sitting at your desk in front of your computer, aimlessly scrolling through Twitter. Suddenly you see that you have just “liked” a picture posted by someone you went to school with 15 years ago – awkward! But you are sure that you did not click anything. You know to be more careful than that. Then, you observe something appearing in the search bar, confirming that you are not the one who is typing…

What is going on? Who is doing this? How are they doing this? Well, the USB dongle that your wireless mouse and keyboard use to communicate with the host computer has been compromised. Instead, your benign dongle has been replaced with a malicious $15 USB device that allows an attacker to impersonate your mouse or keyboard.

This is known as MouseJacking. A form of mouse attack where hackers can actually move your mouse and/or type keystrokes from up to 100 meters away. So, no, it was not you that “liked” your peer’s picture, but the attacker obviously found it worthy of one.

MouseJack involves exploiting the weak encryption used by some wireless mouse and keyboards, allowing an attacker to send malicious commands to the target computer. By injecting malicious keystrokes or mouse movements, an attacker could potentially take control of a victim’s computer, execute commands, or perform other malicious actions.

Why Mousejacking is a Risks for Organizations?

In a more perilous situation, the hacker might perform a MouseJack attack on a target organization in order to obtain sensitive information or compromise the network (hardware attack). By impersonating the mouse and keyboard, the malicious actor can install ransomware and rootkits. Or copy files off the computer in seconds, having damaging consequences for the victim.

In addition to performing these actions, the USB dongle also receives the information describing the actions of the user. Such as how they move their mouse and which keys they are pressing on the keyboard. With this, the attacker can obtain sensitive information such as usernames, passwords, security question answers and credit card information. By acquiring login credentials, the hacker can access the network and cause further damage. In instances where they steal credit card information, they can sell it on the black market and engage in credit card fraud.

An organization can face significant danger from a MouseJack attack because it enables a malicious actor to infiltrate without detection. The computer won’t identify the device’s malicious intent in such cases. Being recognized as a genuine HID means that this hardware device will not raise any security alarms… And the organization will not know that they are being attacked until it is too late.

How to Protect Against Mousejacking

Here’s how to safeguard against wireless mouse hacking:

  • Firmware Updates: Keep the firmware of your wireless devices up-to-date. Manufacturers may release updates that address security vulnerabilities.
  • Encryption: Choose devices that use strong encryption protocols to secure communication between the device and the receiver.
  • Security Awareness: Be cautious when using wireless input devices in public spaces, as attackers would need to be in close proximity to carry out mousejacking attacks.
  • Vendor Recommendations: Follow security guidelines provided by the manufacturers of your wireless devices.

It’s important to note that while mousejacking is a potential threat, the risk varies depending on the specific make and model of the wireless devices in use.
Additionally, tools like Mouse Jigglers, often considered innocuous, can also be leveraged maliciously to bypass inactivity detection, enabling persistent unauthorized access.

Protecting Your Network Assets

Sepio’s Asset Risk Management provides organizations physical layer visibility into all devices operating over network and USB interfaces. It identifies hardware anomalies, mitigating threats like MouseJacking and other mouse attacks before they compromise your network.

Sepio policy enforcement mechanism facilitates control over hardware access by implementing a stringent set of policies determined by the identity of the device. It promptly identifies any devices that violate the predefined policies and initiates an automatic mitigation process to prohibit the device. This effectively thwarts malicious actors from executing hardware-based attacks, particularly all USB connections and mitigation of MouseJack Attacks.

Comprehensive Hardware Defense

Having comprehensive visibility into all network assets is an essential requirement for safeguarding hardware. However, the value of this information lies in the actions you can take based on it. Sepio, provides immediate insights into network devices requiring attention. Through Asset DNA technology and policy rules, it alerts you to high, medium, and low risks, accelerating the resolution time and thwarting hardware-based attacks, including MouseJacking. This real-time, actionable visibility empowers your security team to gain a deeper understanding of your device attack surface and proactively manage your hardware defense.

So, that innocent mouse or keyboard that you are using might be one of your greatest security threats.

See every asset. Mitigate every risk

Talk to a Sepio expert to learn how patented technology can protect you from the dangers of wireless mouse hacking and secure your network from hardware-based threats.

December 21st, 2020
Jessica Amado

Jessica Amado
Head of Cyber Research

Related Posts

  •
    Network Devices

    Invisible or hidden Network Devices detection is security processes aimed to detect malicious unauthorized devices connected to a network.