ICT Security-Sécurité PC et Internet

THAT TINY DONGLE plugged into your USB port and paired with your wireless keyboard or mouse isn’t as monogamous as it pretends to be. For millions of cheap peripherals, those innocent-looking radio receivers may be carrying on a sly, long distance relationship—letting an antenna-wielding intruder silently type malicious commands on your PC.

That’s a new warning from researchers at the Internet of things security firm Bastille, who released an advisory today that seven different companies’ wireless keyboards and mice are vulnerable to an exploit they’ve dubbed “mousejacking.” The attack—which affects a broad collection of devices sold by Logitech, Dell, Microsoft, HP, Amazon, Gigabyte and Lenovo—lets an interloper inject mouse movements or keystrokes at a rate of a thousand words per minute from an nearby antenna, even when the target device is designed to encrypt and authenticate its communications with a paired computer.

But even without a public exploit from Bastille, other hackers could soon reverse engineer the attack and release it publicly. That means you should update or replace any vulnerable devices you use ASAP.