Print 49 comment(s) - last by Pirks.. on Aug 6 at 3:58 AM

Attack infects keyboards to record keystrokes and more

No one wants to get their computer hacked or infected with viruses. For a long time, Windows PCs were the only real target of hackers and nefarious users, but as Apple Mac computers have become more popular hacks for these systems are now becoming more common.

A new hack that was demonstrated at DEFCON 2009 doesn't attack the software of Apple computers, rather it attacks the hardware.

Strangely it doesn't attack hardware inside the computer, rather the attack focuses on Apple's USB and Bluetooth keyboards. That means that once infected, the keyboard can’t simply be repaired with a firmware update. The man who devised the hack goes by K. Chen and says he goes by that name because of fear that he would be harassed by Mac fans.

Once infected, the keyboard spits the text most recently typed in reverse order back onto the screen of the computer each time the enter key is pressed. The demonstration shows that the hardware attack is capable of recording keystrokes and injecting them back to the host machine. The key logging capability of the attack can also reportedly work during the boot phase unlocking more hardware and encryption features.

When the keyboard is infected, it can be used to run a bash connect back shell and then give the attacker full control over the computer allowing a root kit to be installed. The level of control is enough that the hacker could wait until the computer was idle and then start the attack.

The exact weakness in the Mac OS used to install the hack on the keyboard is unknown, but Chen says that the code needed to execute the attack in under 100kb and takes under 18 seconds to execute. Once infected the keyboard can’t be fixed and would simply need to be replaced. Chen says he is working with Apple on a fix for the issue.

More and more security issues are being found with Mac computers as they grow in popularity and become more appealing targets for hackers.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

Meanwhile in the real world....
By Tony Swash on 8/3/2009 3:15:39 PM , Rating: -1
Meanwhile in the real world its PCs not Macs that get viruses, worms, Trojans and root kits installed. In the real world there are no exploits of the Mac spreading where as there are literally thousands of viruses and other infections spreading and really attacking thousands of actual PCs.

Anyone can come up with a "possible" scenario, a "maybe" scenario, a "it could happen" scenario. But I repeat that in the real world its a simple fact that its PCs that get infected and not Macs - with actual infections and attacks and not possible possible infections and attacks.

If I had to choose between actual cancer and a hypothetical possibility of cancer I know which one I would choose.

RE: Meanwhile in the real world....
By rtrski on 8/4/2009 8:39:37 AM , Rating: 2
The one for which, by dint of market demand, all the medical researchers are hard at work constantly releasing cures and remedies?

Hey, it's your metaphor.

By cactusdog on 8/4/2009 9:01:39 AM , Rating: 2
Why do people pay twice as much to do half as much and have all these issues. Then you gotta pay them for updates and/or return hardware to them to fix for a premium. I dunt get it.

RE: Meanwhile in the real world....
By Tony Swash on 8/4/2009 12:51:35 PM , Rating: 1
Not quite sure what your point is here - to repeat - there are no security exploits which comprise macs propagating in the mac community of users, there are many, many such exploits propagating in the PC community.

To explore the metaphor a bit more. If a medical professional says stop eating such and such stuff and your chances of getting caner will go down - I may well stop eating that stuff. But it remains true that I would rather suffer from hypothetical cancer than real cancer.

RE: Meanwhile in the real world....
By Alexstarfire on 8/4/2009 3:08:48 PM , Rating: 2
I think you're not understanding your own metaphor correctly. What the other guy is saying is that if you had actual cancer, AKA an infection on a PC, that you could actually get cured, AKA fixed and patched, but that if you had the hypothetical cancer, AKA a security hole in a mac, that if you did get cancer, AKA infected, that you'd be shit out of luck.

Of course by your analogy it sounds like the PC guys are living in Chernobel with the rate they get "cancer." Of course you could also think of it this way. The PC guys are standing in front of a radiation gun, AKA hackers and such, but have on a radiation suit and a lead vest while the mac guys are standing just outside the range of the radiation gun but are totally unprotected. Turn that gun just a bit in your direction and boom. Not only do you get cancer, but you become mutated too.

By Tony Swash on 8/4/2009 5:17:28 PM , Rating: 2
The main point I keep making is that this is all just over excited talk about maybe this, maybe that, gosh this is theoretically possible. But in the real world - my own personal preferred reference point for trying to understand reality - macs are clean of infections and Windows PCs are not.

No matter how much enthusiasm greets the announcement of each new mac related "security hole" the simple truth is that macs are not actually being infected and Windows PCS are.

As I said I prefer hypothetical cancer to actual cancer - your preferences may be different.

“We do believe we have a moral responsibility to keep porn off the iPhone.” -- Steve Jobs
Related Articles

Latest Headlines
Inspiron Laptops & 2-in-1 PCs
September 25, 2016, 9:00 AM
The Samsung Galaxy S7
September 14, 2016, 6:00 AM
Apple Watch 2 – Coming September 7th
September 3, 2016, 6:30 AM
Apple says “See you on the 7th.”
September 1, 2016, 6:30 AM

Most Popular ArticlesSmartphone Screen Protectors – What To Look For
September 21, 2016, 9:33 AM
UN Meeting to Tackle Antimicrobial Resistance
September 21, 2016, 9:52 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM
5 Cases for iPhone 7 and 7 iPhone Plus
September 18, 2016, 10:08 AM
Update: Problem-Free Galaxy Note7s CPSC Approved
September 22, 2016, 5:30 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki