Text to Search... About Author Email address... Submit Name Email Adress Message About Me page ##1## of ##2## Jan Feb Mar Apr May Jun Jul Aug Sept Oct Nov Dec



6/newsticker//recent

404

Sorry, this page is not avalable
Home

Latest Articles

KeySweeper: Arduino-based Keylogger for Wireless Keyboards

June 03, 2016
Security researcher has developed a cheap USB wall charger that is capable to eavesdrop on almost any Microsoft wireless keyboard.
MySpace mischief-maker Samy Kamkar has released a super-creepy keystroke logger for Microsoft wireless keyboards cunningly hidden in what appears to be a rather cheap, but functioning USB wall charger.

The stealthy Arduino-based device, dubbed "KeySweeper", looks and functions just like a generic USB mobile charger, but actually sniffs, decrypts, logs, and reports back all keystrokes from a Microsoft wireless keyboard.
"KeySweeper is a stealthy Ardunio-based device camouflaged as a wall charger that wirelessly sniffs, decrypts, logs and reports-back all keystrokes from any Microsoft wireless keyboard in the vicinity," Kamkar said.
The security researcher has also released instructions on how to build the USB wall charger online and surprisinglyits is cheap to build and quite capable. KeySweeper includes a web-based tool for live keystroke monitoring, capable to send SMS alerts for typed keystrokes, usernames, or URLs, and even continues to work after it is unplugged because of its rechargeable built-in battery.
"Even if we do not know the MAC address, we can decrypt the keystroke. Using a few-dollar Arduino and a US$1 Nordic RF chip we can decrypt these packets and see any keystroke of any keyboard in the vicinity that's using the Microsoft wireless keyboard protocol and it doesn't matter what OS is used."
Keysweeper stores the captured keystrokes both online and locally, and then send it back to the KeySweeper operator over the Internet via an optional GSM chip.
Usually, Microsoft wireless keyboards encrypt their data before sending it wirelessly, but Kamkar claims to have discovered several vulnerabilities in it that make the data easy to decrypt. Kamkar hasn't tested KeySweeper on every Microsoft wireless keyboard, but he believes that they will all be vulnerable.
Kamkar hasn't just outlined multiple vulnerabilities, but also released detailed instructions on how to build the device on GitHub. He's also produced a half-hour video on KeySweeper, which you can watch below:

According to the researcher, the unit cost for KeySweeper ranges from $10 to $80, depending on which functions a user requires. The hardware breakdown is mentioned as follows:
  • $3 – $30: An Arduino or Teensy microcontroller can be used.
  • $1: nRF24L01+ 2.4GHz RF Chip which communicates using GFSK over 2.4GHz.
  • $6: AC USB Charger for converting AC power to 5v DC.
  • $2 (Optional): An optional SPI Serial Flash chip can be used to store keystrokes on.
  • $45 (Optional): Adafruit has created a board called the FONA which allows you to use a 2G SIM card to send/receive SMS, phone calls, and use the Internet directly from the device.
  • $3 (Optional if using FONA): The FONA requires a mini-SIM card (not a micro-SIM).
  • $5 (Optional, only if using FONA): The FONA provides on-board LiPo/LiOn battery recharging, and while KeySweeper is connected to AC power, the battery will be kept charged, but is required nonetheless.
A Microsoft spokesperson told VentureBeat that they "are aware of reports about a 'KeySweeper' device and are investigating."

Related Articles

#Hacking
unixlegion.com uses cookies to improve your experience. I agree