I’ve been looking into this vulnerability recently (it was publicly released circa 1yr ago). Has anyone (forensic examiners???) investigated any incidents/seen it used in the wild? Would be interested to know.
Basically, it exploits a certain chipset used in wireless mice/keyboards and the proprietary protocol used therein. Although the protocol runs on the 2.4ghz frequency, being proprietary it’s not bluetooth or wifi based. Attacker can ‘listen’ for vulnerable devices, and then submit keystrokes to the receiving usb dongle which are in turn executed on the victim machine. I’ve tested it against myself, and obtaining remote shell access to the victim device couldn’t be easier. Remediation is simple – don’t use wireless keyboards or mice. However, if you want to use them just make sure they are not vulnerable. Check out Bastille’s Mousejack web page for more info on specific vulnerable devices.
Might be one for TSCM (or maybe protection) folks to consider advising against.
See original article: Mousejacking