Microsoft Wireless Keyboards Allegedly Susceptible to Keylogger Disguised as USB Charger
Security researcher Samy Kamkar, well known for his prolific and creative work in exposing vulnerabilities on the Web and in various electronic products, has released details of a keylogger that can sniff keystrokes transmitted from several models of Microsoft wireless keyboards. The device is so tiny that it can be hidden inside common products. Kamkar has shown off a working device hidden inside a USB charger and, thus completely disguising it. As noted by Ars Technica, the device, called KeySweeper, sounds like something right out of a spy movie. It works because Microsoft uses weak security to encrypt the proprietary connection between the wireless keyboards and their receivers. Making matters worse, each keyboard's wireless MAC address, which can easily be skipped, is used as the encryption key. The hardware required is a tiny Arduino or Teensy board with a Nordic Semiconductor nRF24L01+ radio frequency transceiver. The design is customisable enough to allow for a ba