Experts from the security company Bastille have discovered a new method of cyber-attacks called Mousejack. Computers using wireless mice are at risk. The vulnerability does not affect Bluetooth devices, but devices using USB dongles that are inserted into computer ports.
The problem is that even the leading manufacturers of such devices (i.e., Logitech, Microsoft, Amazon, Dell, HP, Lenovo) do not encrypt traffic between the computer and the mouse, which makes devices vulnerable. All a potential hacker needs is a USB antenna, which costs around $15, and a few lines of a special code. Then, the hacker can make his computer pretend to be a wireless mouse and start controlling someone else's computer from up to 200 meters away. The consequences may be very unpleasant: just imagine that your mouse is being controlled by someone else. Launching your browser, visiting unwanted pages, downloading malware and deleting or stealing important data is far from a complete list of bad effects.
Of course, the hacker needs to see the screen of an attacked computer, which he can do by sitting at a neighboring table in a café or using drones with video cameras, to name a few favorable scenarios. Moreover, most devices of this kind cannot be updated. So, the only way to avoid a Mousejack is by replacing a device with a more protected one.
