Who's been typing on my keyboard?
The report only discusses hijacking the target computer, and it is not clear if the technique can also be used to log the keystrokes of the victim's keyboard. However, it seems straightforward that an attacker could use the capability to inject the commands for the target computer to download and execute a more significant malware payload. Of course, the computer would have to be unlocked for this to work, which would mean the attacker could see the victim's screen. Alternatively, an attacker could simply keep trying to send their commands, making sure to backspace and delete their attempt each time it fails.
It seems, some of the companies whose products are affected by this problem are already patching the firmware of their devices to protect users. However, users of Bluetooth input devices should be safe from this type of attack - for now!
Comments
Post a Comment