Slashdot Mirror

← Back to Stories (view on slashdot.org)

Wireless Keylogger Masquerades as USB Phone Charger

Posted by Soulskill on from the in-case-you-were-running-out-of-attack-vectors-to-worry-about dept.

msm1267 writes: Hardware hacker and security researcher Samy Kamkar has released a slick new device that masquerades as a typical USB wall charger but in fact houses a keylogger capable of recording keystrokes from nearby wireless keyboards. The device is known as KeySweeper, and Kamkar has released the source code and instructions for building one of your own. The components are inexpensive and easily available, and include an Arduino microcontroller, the charger itself, and a handful of other bits. When it's plugged into a wall socket, the KeySweeper will connect to a nearby Microsoft wireless keyboard and passively sniff, decrypt and record all of the keystrokes and send them back to the operator over the Web.

5 of 150 comments (clear)

  1. And this is good why? by Iniamyen · · Score: 3, Insightful

    I am not a security expert, but what non-nefarious purpose does this product serve?

    1. Re:And this is good why? by slacktide · · Score: 5, Insightful

      It's purpose is clearly to force wireless device manufacturers to use secure data transmission protocols.

    2. Re:And this is good why? by Anonymous Coward · · Score: 5, Insightful

      people could be secretly using this technology already, could have been for the past 10 years or more, to spy on you.

      by making it easy and publicizing it, this teaches you today about the risks you have already been facing which is good because perhaps now you will take steps and do something about it.

    3. Re:And this is good why? by Opportunist · · Score: 5, Insightful

      This is good because he told us instead of handing us a USB charger.

      "But if he wouldn't develop it, it would be better!"

      Nope. Because there is no such thing as security by apathy. Nobody has the monopoly on ideas, and this is hardly the first hack of this kind. Hiding microelectronics in inconspicuous everyday items is as old as, well, the Thing. Think the US would have been spied upon if they themselves knew such a device can be developed?

      And do you think you can be spied upon with such an item now?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  2. Re:One more reason to use a wired keyboard by Nkwe · · Score: 3, Insightful

    A device that broadcast over sufficiently large range random flood of mouse clicks would be a very effective DoS tool in a corporate settings.

    Or a device that broadcast a very specific non-random set of keystrokes. For example you could send the keystrokes to open up a command window followed by the keystrokes to download and execute malware. You could even send the keystrokes to type in the source code and compile the malware or a malware bootstrap process.