If you are using a cheap wireless keyboard, you run the risk of having your passwords stolen. According to researchers at the security company, Bastille, there’s a security hole in millions of keyboards that can allow hackers see every keystroke from up to 100 meters away.
After testing wireless keyboards put out by a dozen manufacturers, they found that eight of those manufacturers had keyboards that were susceptible to attack, including ones from HP and Toshiba. The thing they all had in common was that rather than using Bluetooth, they sent information over unencrypted radio signals.
This isn’t the first time the security of radio signals have been brought into question. Bastille has previously found that over a billion keyboards manufactured by Logitech, HP, Microsoft, Dell, Lenovo, and Amazon all could be controlled by a remote antenna. It’s also been shown that dozens of car models from brands like Ford, Toyota, Nissan, Audi, and Volkswagen could be unlocked using a radio amplifier, leading to the revelation in the first part of 2015 three quarters of all cars stolen in France were done so using this technique.
This new attack, called KeySniffer, intercepts information transmitted from the keyboard to its USB receiver and relies on parts that can be purchased for less than $100. It allows hackers the ability to steal usernames, passwords, credit card information, and any other sensitive personal data typed into an affected keyboard. There are industry standards when it comes to the security of keyboards that use Bluetooth, but the same can’t be said for ones relying on radio waves. Consequently, it’s up to the manufacturer to make those decisions, and very often their security is lacking.
If you want to use a wireless keyboard and are concerned about security, your best bet is to switch to one that relies on Bluetooth rather than radio waves. If you want to check the status of a keyboard you own now, here is a list of affected devices as of this writing:
- Anker Ultra Slim 2.4GHz Wireless Compact Keyboard
- EagleTec K104
- EagleTec KS04 2.4 GHz Wireless Combo keyboard
- General Electric 98614 wireless keyboard
- HP Wireless Classic Desktop wireless keyboard
- Insignia Wireless Keyboard NS-PNC5011
- Kensington ProFit Wireless Keyboard
- RadioShack Slim 2.4GHz Wireless Keyboard
- Toshiba PA3871U-1ETB wireless keyboard