backtop


Print 49 comment(s) - last by Pirks.. on Aug 6 at 3:58 AM

Attack infects keyboards to record keystrokes and more

No one wants to get their computer hacked or infected with viruses. For a long time, Windows PCs were the only real target of hackers and nefarious users, but as Apple Mac computers have become more popular hacks for these systems are now becoming more common.

A new hack that was demonstrated at DEFCON 2009 doesn't attack the software of Apple computers, rather it attacks the hardware.

Strangely it doesn't attack hardware inside the computer, rather the attack focuses on Apple's USB and Bluetooth keyboards. That means that once infected, the keyboard can’t simply be repaired with a firmware update. The man who devised the hack goes by K. Chen and says he goes by that name because of fear that he would be harassed by Mac fans.

Once infected, the keyboard spits the text most recently typed in reverse order back onto the screen of the computer each time the enter key is pressed. The demonstration shows that the hardware attack is capable of recording keystrokes and injecting them back to the host machine. The key logging capability of the attack can also reportedly work during the boot phase unlocking more hardware and encryption features.

When the keyboard is infected, it can be used to run a bash connect back shell and then give the attacker full control over the computer allowing a root kit to be installed. The level of control is enough that the hacker could wait until the computer was idle and then start the attack.

The exact weakness in the Mac OS used to install the hack on the keyboard is unknown, but Chen says that the code needed to execute the attack in under 100kb and takes under 18 seconds to execute. Once infected the keyboard can’t be fixed and would simply need to be replaced. Chen says he is working with Apple on a fix for the issue.

More and more security issues are being found with Mac computers as they grow in popularity and become more appealing targets for hackers.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Meanwhile in the real world....
By Alexstarfire on 8/4/2009 3:08:48 PM , Rating: 2
I think you're not understanding your own metaphor correctly. What the other guy is saying is that if you had actual cancer, AKA an infection on a PC, that you could actually get cured, AKA fixed and patched, but that if you had the hypothetical cancer, AKA a security hole in a mac, that if you did get cancer, AKA infected, that you'd be shit out of luck.

Of course by your analogy it sounds like the PC guys are living in Chernobel with the rate they get "cancer." Of course you could also think of it this way. The PC guys are standing in front of a radiation gun, AKA hackers and such, but have on a radiation suit and a lead vest while the mac guys are standing just outside the range of the radiation gun but are totally unprotected. Turn that gun just a bit in your direction and boom. Not only do you get cancer, but you become mutated too.


By Tony Swash on 8/4/2009 5:17:28 PM , Rating: 2
The main point I keep making is that this is all just over excited talk about maybe this, maybe that, gosh this is theoretically possible. But in the real world - my own personal preferred reference point for trying to understand reality - macs are clean of infections and Windows PCs are not.

No matter how much enthusiasm greets the announcement of each new mac related "security hole" the simple truth is that macs are not actually being infected and Windows PCS are.

As I said I prefer hypothetical cancer to actual cancer - your preferences may be different.


"Well, there may be a reason why they call them 'Mac' trucks! Windows machines will not be trucks." -- Microsoft CEO Steve Ballmer

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki