Connect with us

Hi, what are you looking for?


Mobile & Wireless

Wireless Keyboards Vulnerable to Sniffing, Injection Attacks

Wireless keyboards from several vendors don’t use encryption when communicating with their USB dongle, allowing remote attackers to intercept keystrokes or send their own commands to the targeted computer.

Wireless keyboards from several vendors don’t use encryption when communicating with their USB dongle, allowing remote attackers to intercept keystrokes or send their own commands to the targeted computer.

The attack method, dubbed KeySniffer, was discovered by researchers at IoT security company Bastille. Experts tested non-Bluetooth wireless keyboards from 12 manufacturers and determined that devices from eight of them are vulnerable to KeySniffer attacks.

Bastille said the affected products are inexpensive wireless keyboards from HP, Toshiba, Insignia, Kensington, Radio Shack, Anker, General Electric and EagleTec. It’s possible that products from other companies are impacted as well. Experts determined that higher-end keyboards produced by firms like Lenovo, Dell and Logitech are not affected as they encrypt communications.

KeySniffer attacks are possible because some keyboard manufacturers use unencrypted radio communication protocols. Experts have demonstrated that an attacker using equipment worth less than $100 can launch attacks from distances of up to 250 feet.

Since the affected keyboards send keystrokes in clear text, a remote attacker can use a widely available long-range USB radio dongle, such as Crazyradio PA, to intercept communications. Since the vulnerable devices continuously transmit radio packets – regardless of whether the user is typing or not – it’s easy for an attacker to scan a building or an open space for potential targets.

Researchers have demonstrated that an attacker can easily capture all the victim’s keystrokes and then search the obtained strings for valuable information, such as email addresses, usernames, passwords, and payment card information.

KeySniffer attack

In addition to eavesdropping, an attacker can exploit KeySniffer to inject their own keystrokes, which can allow them to install malware, steal data or conduct other activities on the victim’s device.

Advertisement. Scroll to continue reading.

Bastille has informed the affected vendors about the vulnerability, but the company believes there is nothing that can be done in most cases since the devices don’t support firmware updates. Kensington informed the security firm that it has released a firmware update to address the issue.

This is not the first time Bastille has found such vulnerabilities. Earlier this year, the company warned that wireless mice and keyboards from several top vendors were vulnerable to so-called MouseJack attacks, where malicious actors send key press packets to a targeted computer through the affected device’s USB dongle in an effort to conduct arbitrary actions. MouseJack is particularly effective against wireless mice because these devices typically don’t use encryption and proper authentication mechanisms.

The MouseJack vulnerability was found to affect more than 80 percent of organizations. Several vendors, including Microsoft, Logitech and Lenovo, released firmware updates to address the weakness, while others provided recommendations on how to mitigate the threat.

Related: Serious Vulnerability Affects Over 120 D-Link Products

Related: Wireless ISP Modems Plagued by Serious Vulnerabilities

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

The February 2023 security updates for Android patch 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.


A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.