Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

Keyboard Vulnerability Lets Hackers Track Every Keystroke

by Chelsey B. Coombs on July 28, 2016

Is Your Keyboard Safe?

A vulnerability just discovered by the U.S. startup Bastille Networks may give cybercriminals access to anything you type using your wireless keyboard, even if you take your security seriously.

According to Sophos’ Naked Security blog, this vulnerability, called KeySniffer, allows anyone to record your keystrokes because they are not encrypted by the wireless keyboard before being transmitted to your computer. Encryption essentially scrambles a message, in this case, what you’re typing, as it goes from one location to another. This encrypted message is then descrambled by the receiver. Some wireless keyboards are sending data without this protection. 

Hackers with a piece of inexpensive equipment — like this $30 dongle — just need to turn it on close by to listen in on the transmitted text going from your wireless keyboard to your device. The worst part? You won’t even be able to tell it’s happening.

Bastille found that this vulnerability affects keyboards made by eight of the twelve manufacturers they tested, including HP and Toshiba. If your keyboard connects to your device via Bluetooth, you’re safe from KeySniffer, but if it uses a USB dongle for connectivity, it might be on the list. You can check to see if your wireless keyboard is exposed here.

Unfortunately, manufacturers won’t be able to send out a quick security update to fix the problem, so the only solution for users concerned about this particular attack is to stop using the keyboard altogether.

Bastille previously found a similar vulnerability within wireless dongle-connected mice and keyboards and dubbed it “Mousejacking.” Over a billion of these devices allow cybercriminals to take a more active approach to hacking your devices by taking over your computer to type or click whatever they please. In this security flaw, hackers send a seemingly legitimate signal to the peripheral’s dongle, which, more often than not, the device determines the signal to be coming from the mouse or keyboard, rather than from an illegitimate source. (Find out if your mouse is affected in our story.)

While many of these keyboard and mice peripherals are inexpensive, it’s clear that manufacturers need to take the security of these devices seriously so their customers — and their data — don’t fall victim to cybercriminals. 

[Image credit: Zaenani Trianto/Flickr]


Computer Safety & Support, News, Computers and Software, Blog

Discussion loading


From Bhavesh Gudhka on August 21, 2016 :: 12:32 pm

OMG! I never thought about this keyboard related hacking.


Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.