MouseJack is a term used to describe a security vulnerability that affects certain wireless mice and keyboards. MouseJack exploits a weakness in the communication protocol used by some wireless input devices that operate in the 2.4 GHz ISM band.
Ever heard of a MouseJack Attack? You are at work, sitting at your desk in front of your computer, aimlessly scrolling through Facebook. Suddenly you see that you have just “liked” a picture posted by someone you went to school with 15 years ago – awkward! But you are sure that you did not click anything. You know to be more careful than that. Then, you observe something appearing in the search bar, confirming that you are not the one who is typing…
What is going on? Who is doing this? How are they doing this? Well, the USB dongle that your wireless mouse and keyboard use to communicate with the host computer has been compromised (Bad USB). Instead, your benign dongle has been replaced with a malicious $15 USB device that allows an attacker to impersonate your mouse or keyboard. This is known as MouseJacking (Hacked Device). The bad actor can actually move your mouse and/or type keystrokes from up to 100 meters away. So, no, it was not you that “liked” your peer’s picture, but the attacker obviously found it worthy of one.
MouseJack Attacks: Risks, Impacts, and Prevention Strategies for Organizations
In a more perilous situation, the perpetrator might perform a MouseJack attack on a target organization in order to obtain sensitive information or compromise the network. By impersonating the mouse and keyboard, the malicious actor can install malware and rootkits. Or copy files off the computer in seconds, having damaging consequences for the victim.
In addition to performing these actions, the USB dongle also receives the information describing the actions of the user. Such as how they move their mouse and which keys they are pressing on the keyboard. With this, the attacker can obtain sensitive information such as usernames, passwords, security question answers and credit card information.
By acquiring login credentials, the perpetrator can access the network and cause further damage. In instances where they steal credit card information, they can sell it on the black market and engage in credit card fraud.
Sepio Can Help Against Stealthy MouseJack Attacks
An organization can face significant danger from a MouseJack attack because it enables a malicious actor to infiltrate without detection. The computer won’t identify the device’s malicious intent in such cases. Being recognized as a genuine HID means that this hardware device will not raise any security alarms… And the organization will not know that they are being attacked until it is too late.
Sepio’s Asset Risk Management provides organizations with complete visibility into all devices operating over network and USB interfaces. As well as identifying those which are acting in anomalous ways. Providing complete visibility helps establish a stronger cybersecurity stance and substantially decreases the vulnerability to a successful MouseJack attack.
So, that innocent mouse or keyboard that you are using might be one of your greatest security threats.