A computer security firm is warning wireless keyboard users that a flaw found in millions of devices allows hackers to read what you’re typing.
California-based Bastille Networks said it has discovered the security flaw in low-end wireless keyboards.
Using an off-the-shelf USB radio antenna and a laptop with publicly available software, Bastille found it’s possible to intercept and record the signal from wireless keyboards – from as far as 250 feet away. The process is called key sniffing.
The process records everything a hacker needs to steal your identity: addresses, social security numbers, birthdates – basically everything you type.
“The average person can do it,” said Balint Seeber, Bastille’s director of vulnerability research. “If you order the dongle online and download the open source software from the internet, it’s just a couple lines to type into your console here, and that’ll get you up and running and sniffing for vulnerable devices in your airspace.”
The affected wireless keyboard brands are Hewlett-Packard, Toshiba, Kensington, Insignia, Radio Shack, Anker, General Electric and EagleTec.
“That represents millions of keyboards out in the world,” said Risley. “The manufacturers make these things and don’t check that they’ve got the vulnerabilities.”
Bastille said it notified the manufacturers three months ago. To date, only three companies, General Electric, Anker and Kensington responded and offered a fix.
If your manufacturer is not offering a fix, the only option is to get a wired or Bluetooth keyboard, according to the company.
You can check out if your keyboard is on the list by clicking here.