It turns out that even something as seemingly benign as your mouse can put your personal information at risk. That’s according to a report by security firm Bastille, which says that hackers could in theory take control of your computer through its wireless peripherals.
The hack, which the company calls MouseJack, effects nearly every wireless mouse and keyboard on the market and could give a hacker complete access to your personal computer or to the network at your office. The hack isn’t exactly sophisticated, either. According to Bastille, all a would-be hacker needs is about $15 worth of computer hardware, which he could then use to send commands from his computer to yours. The hack works is because, while your wireless keyboard sends information in encrypted form to your computer’s wireless dongle (so hackers can’t see what you’re typing), your mouse doesn’t.
As a result, hackers can send signals designed to perform keyboard commands to your dongle. Those signals can then be used to hijack your system. “Wireless mice and keyboards are the most common accessories for PCs today, and we have found a way to take over billions of them,” said Marc Newlin, Bastille’s engineer responsible for the Mousejack discovery in a statement. So how to protect yourself? Well, some wireless mouse and keyboard manufacturers developed their devices so they can be patched via firmware updates. Other companies’ offerings, however, can’t be updated and will simply have to be replaced. Fortunately, Bastille has published a list of the impacted hardware, as well as information about how peripherals company has responded to the hack.