HP Inc wireless mouse can be spoofed
By our reckoning this means a mouse could let a RAT into your computer
If you're using an HP Inc wireless keyboard/mouse combo and the cursor starts behaving badly, someone might be pranking you.
That's because the wireless mouse in the ERK-321A bundle is unencrypted: anyone can sniff its signals, learn its protocol and commands, and inject their own signal in a spoofing attack.
They used a Logitech USB radio dongle, research firmware from Bastille and custom software to create their proof-of-concept.
With that, if a user's workstation was unlocked, the pentesters could send “a list of mouse actions that start the virtual on-screen keyboard of the operating system and execute arbitrary commands in the context of the currently logged in user, for instance a download and execute attack vector.”
If the attacker can see the victim's screen, it's easy, but the notice says a bit of extra heuristic smarts can run an attack even without seeing the screen: with heuristics.
They note that the attack isn't operating-system specific. ®