Some of the computer dongles that come with wireless keyboards and mouses may offer hackers a fairly simple way to remotely access and take over your computer, according to a new report from Internet-of-things security startup Bastille.
Atlanta-based Bastille says it has determined that a number of non-Bluetooth wireless keyboards and mouses from seven companies—including Logitech, Dell, and Lenovo—have a design flaw that makes it easy for hackers from as far as about 90 meters away to pair with the dongle.
“Once infiltrated, which can be done with $15 worth of hardware and a few lines of code, a hacker has the ability to insert malware that could potentially lead to devastating breaches,” Bastille engineer Marc Newlin said in a statement Tuesday.
Billions of wireless keyboards and mice are vulnerable to hijacking with inexpensive radio transmitters, potentially letting hackers type arbitrary commands to computers hooked to the devices from up to 100 meters away, warns security firm Bastille.
The vulnerability, which the company has dubbed MouseJack, lets hackers impersonate certain non-Bluetooth wireless mice and keyboards from companies including Logitech, Dell, and Microsoft, according to Bastille.
Hackers could then type commands on the computer as if they were the current user, potentially letting them delete files or install malware, the company says.