Print 49 comment(s) - last by Pirks.. on Aug 6 at 3:58 AM

Attack infects keyboards to record keystrokes and more

No one wants to get their computer hacked or infected with viruses. For a long time, Windows PCs were the only real target of hackers and nefarious users, but as Apple Mac computers have become more popular hacks for these systems are now becoming more common.

A new hack that was demonstrated at DEFCON 2009 doesn't attack the software of Apple computers, rather it attacks the hardware.

Strangely it doesn't attack hardware inside the computer, rather the attack focuses on Apple's USB and Bluetooth keyboards. That means that once infected, the keyboard can’t simply be repaired with a firmware update. The man who devised the hack goes by K. Chen and says he goes by that name because of fear that he would be harassed by Mac fans.

Once infected, the keyboard spits the text most recently typed in reverse order back onto the screen of the computer each time the enter key is pressed. The demonstration shows that the hardware attack is capable of recording keystrokes and injecting them back to the host machine. The key logging capability of the attack can also reportedly work during the boot phase unlocking more hardware and encryption features.

When the keyboard is infected, it can be used to run a bash connect back shell and then give the attacker full control over the computer allowing a root kit to be installed. The level of control is enough that the hacker could wait until the computer was idle and then start the attack.

The exact weakness in the Mac OS used to install the hack on the keyboard is unknown, but Chen says that the code needed to execute the attack in under 100kb and takes under 18 seconds to execute. Once infected the keyboard can’t be fixed and would simply need to be replaced. Chen says he is working with Apple on a fix for the issue.

More and more security issues are being found with Mac computers as they grow in popularity and become more appealing targets for hackers.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Props
By MrBlastman on 8/3/2009 10:49:02 AM , Rating: 1
Who'd ever think stroking your keys would get you slapped. Them thar Apples have high standards. :)

I'm laughing at this, poor poor Apples (not). It looks like Apples might finally turn into the new playground soon enough.

RE: Props
By cdwilliams1 on 8/3/09, Rating: -1
RE: Props
By amanojaku on 8/3/2009 11:22:42 AM , Rating: 4
I have to disagree. Bluetooth and USB both use HCI to communicate with the OS, but the HCI specification does not require the use of upgradable firmware. A Bluetooth or USB keyboard that used ROM would not have had this problem, while providing the same functionality minus the "upgrade." I've never heard of anyone upgrading the firmware on a keyboard, anyway, so I don't understand the practicality of such a feature. I wouldn't buy a keyboard if it doesn't work immediately, and I can use programs to map function keys and macros. I agree with Mr. Chen; the firmware should not have been upgradable. So the end result is Apple's negligence makes its users vulnerable to attack.

RE: Props
By stirfry213 on 8/3/2009 1:35:31 PM , Rating: 2
Even if it used flashable memory, this may not be very effective as there are lots of keyboard manufacturers for PCs. Tho I don't use Macs, I bet they typically use Apple keyboards and not aftermarket which makes it more likely for this hack to work.

RE: Props
By Souka on 8/3/2009 2:30:40 PM , Rating: 4
Oh I'm sure iTunes will release a firmware update to kill this hack....

iTunes seems to do things like know...relase "updates" that kill non-apple stuff


RE: Props
By Adul on 8/3/2009 12:14:40 PM , Rating: 3
the problem not mention in this article is that the keyboards from Apple have the firmware UNLOCKED to address issues for product that is rushed to market. So all apple really needs to do is lock down the firmware to prevent this.

RE: Props
By tayhimself on 8/3/2009 1:42:28 PM , Rating: 2
More importantly, every other manufacturer has their firmware locked. Wonder why Apple didn't bother with this security check other than the reason that they are perfect and virus free ;)

RE: Props
By MonkeyPaw on 8/3/2009 6:42:00 PM , Rating: 5
It's unlocked so Apple can remotely disable your keyboard at will. That way if a Mac user ever happens to "see the light" and start bad mouthing their Mac--Poof! Lockdown. I'm sure Apple's right to do this is in the EULA somewhere.

"I'd be pissed too, but you didn't have to go all Minority Report on his ass!" -- Jon Stewart on police raiding Gizmodo editor Jason Chen's home
Related Articles

Latest Headlines
Inspiron Laptops & 2-in-1 PCs
September 25, 2016, 9:00 AM
The Samsung Galaxy S7
September 14, 2016, 6:00 AM
Apple Watch 2 – Coming September 7th
September 3, 2016, 6:30 AM
Apple says “See you on the 7th.”
September 1, 2016, 6:30 AM

Most Popular Articles5 Cases for iPhone 7 and 7 iPhone Plus
September 18, 2016, 10:08 AM
Laptop or Tablet - Which Do You Prefer?
September 20, 2016, 6:32 AM
Update: Samsung Exchange Program Now in Progress
September 20, 2016, 5:30 AM
Smartphone Screen Protectors – What To Look For
September 21, 2016, 9:33 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki