Ever heard of “mousejacking?” Sounds like a made-up word, doesn’t it? That’s because it’s a newly coined term to describe a specific type of hacking— through your wireless mouse.
What Does the Hacker Need?
All that a hacker needs to mousejack your computer is an antenna (which costs maybe $15) and a short program, a bit of malicious code that many hackers could easily write themselves. That, and proximity to the target, is all that is necessary. In fact, the hacker might not even have to be in the building where your computer is located. He could be standing or sitting outside your office window or your home.
How Does Mousejacking Work?
You have probably seen keyboards and mice that work wirelessly via tiny USB dongles. The little square bit of tech fits into the USB port on your computer and transmits a signal to the mouse or the keyboard, enabling it to communicate with the computer or laptop.
That USB dongle is what the hacker would target. Essentially, the hacker uses the antenna to send out a specific signal. That signal looks like the signal of a wireless mouse, and most dongles grab it immediately as if it comes from the user’s real wireless mouse. Once the dongle latches onto the signal, the hacker behind the signal can change the input and pretend to be a wireless keyboard. Then, the hacker can tell the computer what to do.
What Can the Hacker Control?
Once the hacker gets in through the USB dongle, he or she can do anything. Essentially, the hacker has all the control that you would have. It’s as if he were sitting at your computer instead of you. He could make the computer’s onscreen information show up on his own screen. Accessing private files, photos, and documents would all be possible.
If you have a habit of leaving yourself logged in to email accounts and other personal accounts, the hacker can do even more damage. With your email account accessible, the hacker could do a “Forgot Password” check on your personal banking or social media accounts. Once the account sent the password reset link to your email address, the hacker could reset passwords and lock you out of your own accounts, at least for a while.
How Close Does the Hacker Need to Be?
According to research, the hacker needs to be within 656 feet or 200 metres of the target. That means people in airports, coffee shops, mall food courts, and similar open public spaces are more at risk than those in the home or office.
The security flaw with wireless mice was discovered by Marc Newlin, a researcher at Bastille, a security firm. Fortunately, the flaw does not affect devices that connect via Bluetooth. However, if you’re used to using a wireless mouse and keyboard with a USB dongle, you may want to consider switching to wired devices (read our wired gaming mouse guide), at least when you’re in a public area. Call the manufacturer of your wireless mouse to see if the company offers a secured replacement or a patch to close the security gap.