Mousejack. Use a wireless mouse? This $15 hack could compromise your PC.

Discussion in 'other security issues & news' started by TairikuOkami, Feb 24, 2016.

  1. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    https://www.bastille.net/affected-devices

    http://www.cnet.com/news/i-got-mousejacked/?ftag=CAD1acfa04&bhid=21042829401677677968185516752984

    If you have got Logitech, you might have a bit problem upgrading firmware, here is the solution:

    https://forums.logitech.com/t5/Keyb...ware-available-yet/m-p/1494051/highlight/true
     
  2. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    That is one reason why I still use my Logitech MX310 from 2003. Any wireless mouse and dangle should have encrypted communications since the day they were invented, but I guess people underestimated the power of hacking :)

    Logitech might have put out a firmware to fix this, but there are tons of companies who simply don't care for users' security, which is just sad.
     
  3. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    You may not know this... but you can still buy a keyboard and mouse with wires, and it's 2016. It's generally preferred since you don't need to change them.
     
  4. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    :argh: I know that. I just didn't see a reason to change to wireless, specially since this mouse has been working for 13 years.

    I also had a MX300 which was bought around the same era, and it only stopped working because I did a mess with the solder iron, so it was my fault.
     
  5. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    There will no firmware update for the wirelss mouse I use, since it's a cheap $10 device I purchased from China. I'm not too worried about this personally, as 99% of the time I don't use a mouse. Even I was to start using it, I wouldn't be too worried. While there is the potential of a security risk, I think it is a very small risk.
     
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Strange that Bluetooth is rarely even mentioned at all this time. It's as if they think that's unrelated or everyone already knows about Bluetooth insecurities or something.
     
  7. Krysis

    Krysis Registered Member

    Joined:
    Dec 28, 2012
    Posts:
    371
    Location:
    DownUnder
    I knew that some WiFi Keyboard\Mouse combos were vulnerable to external hacking, but didn't think it applied to WiFi mouse (Mice?) So, there you go!

    I've used a WiFi mouse for years - even though I have a laptop (I can't stand using Touchpads).

    Mine isn't on the listing, so I guess I'm OK. In any case, I wouldn't discard my WiFi mouse as the convenience IMO outweighs the security risk.
     
  8. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    After all the revisions that Bluetooth has gone through, one would think it would be stable by now. Or are you talking about old versions of Bluetooth?
     
  9. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    I was just surprised that no comparisons, beyond one being affected and the other not, was made.
     
  10. Brosephine

    Brosephine Registered Member

    Joined:
    Dec 4, 2015
    Posts:
    181
    Location:
    Metropolis
    Would a Logitech USB mouse/keyboard be vulnerable to this? If so, would a simple re-installation be a sufficient solution?
     
  11. haakon

    haakon Guest

    Maybe yes. Maybe no. From post #1 above:
    And found using that google thing:
    https://forums.logitech.com/t5/Mice-and-Pointing-Devices/Logitech-Response-to-Unifying-Receiver-Research-Findings/m-p/1493878/thread-id/73186
     
  12. haakon

    haakon Guest

    Got ya beat. I'm using an RS-232 mouse. COM 1 IRQ 4, of course...
     
  13. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    :argh::argh::argh::argh: That just made my day. Thank you, sir! :thumb:
     
  14. haakon

    haakon Guest

    I just received a reply to my Zemana support inquiry: AntiLogger Premium will detect and block MouseJack.

    So, even if a Nordic Semiconductor nRF24L device is unsupported by a firmware update, protection is available if going wired is not an option.
     
    Last edited by a moderator: Mar 7, 2016
  15. haakon

    haakon Guest

    And now from Bitdefender:

    Kindly be informed that Intrusion Detection module of Bitdefender is responsible to deal with MouseJack threats.
    Best regards,
    - - - - -
    Bitdefender Technical Support Engineer


    Note that Intrusion Detection is available only in BD products having their firewall (Internet Security, et al). I've always keep mine set at Aggressive.
     
  16. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,027
    Location:
    Texas
    https://threatpost.com/range-of-mousejack-attack-more-than-doubles/117506/
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.