Skip to main content

This Fake Phone Charger Is Actually Recording Every Key You Type

keysweepah
“Whose phone charger is that sticking out of the wall? Oh. It must be Ben’s. Ben always leaves his charger at work. Classic Ben!”

Alas, it’s not Ben’s charger. Hell, it’s not a charger at all. It’s actually a little spy device disguised as a phone charger, capable of sniffing out every key you type on that wireless keyboard on your desk. Oh, and it can send the stuff it picks up straight to the eavesdropper’s phone. Oh! Oh! And it’ll keep working even if you unplug it — it only pretends to turn off.

That little box up top is built by Samy Kamkar (Yeah — the same Samy who built the self-titled worm that ravaged Myspace back in the day, and who built that crazy hands-free hacking necklace a few weeks back) who has dubbed it the “KeySweeper.”

Before you panic and throw your keyboard in the trash, here is the good news: This specific device only affects certain wireless keyboards. Most notably, Microsoft-branded wireless keyboards. We’re still trying to dig up a more exhaustive list — but for now, let “Microsoft wireless keyboard” be your caution sign.

In a statement, Microsoft notes that it only affects its 2.4 Ghz (not Bluetooth) keyboards released before July 2011 (Update: See the bottom of this post for a note on this from Samy, the man behind the hack). Even if it’s “only” older keyboards, remember: outside of the gamer crowd, most people don’t update their keyboards very often.

Here’s some of the crazier stuff KeySweeper can do:

Sniff out keystrokes as you type them.
If it detects certain keystrokes (like “TopSecretWebsite.com”), it can grab the chunk of text that follows (like your username and password) and send it over SMS to whoever planted the device.
Store keystroke logs on the device itself. These logs can be extracted from the device by hardwired USB, or by putting a second KeySweeper device within range of the first (like, say, an outlet on the other side of the wall).
When plugged in, it grabs its power from the wall.
When unplugged from the wall by an abnormally suspicious bystander, it looks like it powers down — but it actually just switches to battery power. Logging/sending continues. Naaaasty.
On the upside, most brand-name wireless keyboards sold today use encryption methods that are a bit tougher to crack. Logitech, for example, uses 128-bit AES on all of its wireless stuff (see page 6 of this doc for reference).

Samy estimates that each unit would cost $10 to $80 to build, depending on what sort of features you want (ditching the SMS support, for example, brings it down by about $45) — but is quick to note that he’s not actually selling these.

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

How To Hide Text In Microsoft Word 2007, Reveal It & Protect It

Sometimes what we hide is more important than what we reveal. Especially, documents with sensitive information, some things are supposed to be ‘for some eyes only’. Such scenarios are quite common, even for the more un-secretive among us. You want to show someone a letter composed in MS Word, but want to keep some of the content private; or it’s an official letter with some part of it having critical data. As important as these two are, the most common use could involve a normal printing job. Many a time we have to print different versions of a document, one copy for one set of eyes and others for other sets. Rather than creating multiple copies and therefore multiple printing jobs, what if we could just do it from the same document?  That too, without the hassle of repeated cut and paste. We can, with a simple feature in MS Word – it’s just called Hidden and let me show you how to use it to hide text in Microsoft Word 2007. It’s a simple single click process. Open the docum...
1 comment
Read more

Boom, the startup that wants to build supersonic planes, just signed a massive deal with Virgin

Have you heard about Boom? Boom is a relatively new startup that’s aiming to build something pretty crazy. They’re not building an app… or a social network… or even some new gadget for the Kickstarter crowd. Boom wants to build planes. Really, really, really fast planes. Specifically, they’re trying to design and build a supersonic passenger plane that goes 2.2x the speed of sound. If all goes to plan, they’ll be able to shuttle people from New York to London in 3.5 hours, and SF to Tokyo in 4.5. Sound crazy? I wouldn’t disagree. It’s worth noting that the company is in the very early days for something as intensive, massive, and hugely expensive as designing and producing a passenger aircraft. They’re still working on their first prototype, and hope to fly it by late next year. But it’s also worth noting that the team behind the plane has some serious talent in its blood: the company’s 11 employees have collectively contributed to over 30 aircrafts — having worked on thin...
Post a Comment
Read more

Fun Tools to Translate Your Name into Japanese Calligraphy

Japanese calligraphy is an artistic writing style of the Japanese language. Its Chinese origins can be traced back to the twenty-eighth century BCE. Calligraphy found its way into Japanese culture in 600 CE and is known as the karayo tradition. For Westerners, calligraphy is forever fascinating. However, it takes years to learn how to properly draw the signs. Two basic principles must be known to understand Japanese writing: there are different writing styles and different alphabets. Kaisho for example, is a writing style most commonly used in print media. Tensho on the other hand is used in signatures. Other writing styles are Reisho, Gyosho and Sousho. The alphabets include Kanji, Hiragana, and Katakana. Katakana is used for writing foreign words. It can also serve to highlight words, in analogy to capital letters as we know them from the Roman / Latin alphabet (Romaji in Japanese). Each Kanji character has a meaning of its own, while Hiragana or Katakana characters merely repres...
Post a Comment
Read more