Near the end of April, the FBI released an issue of a public alert in regards to KeySweeper. KeySweeper is a piece of custom designed hardware that had been created by security researcher, Samy Kamkar, as a way to provide a proof-of-concept project. His project is fully capable of stealing keystrokes from wireless Microsoft keyboards by the ability to intercept nearby radio signals and then decrypting the Microsoft Keyboards Protocol.
This new device operates on top of the known Arduino board. This is so tiny; it is able to fit just inside the case of a regular USB charger. Since the USB chargers are becoming a commonplace with the proliferation of mobile technologies that includes the smartphones and tablets, one seeing a device plugged into a wall socket, as well as abandoned in a typical office, is not too far out from ordinary in today’s technology world.
The FBI is now warning companies to provide a limitation to the number of outlets that are steadily available for the use of charging. They are instructing employees to recognize who has chargers that are currently plugged in, as well as not leaving your devices unattended at any charger connected into a wall, if it is not used.
Ultimately companies are also instructed on limiting the use of wireless keyboards. By switching to a wired keyboard, or one that utilizes Bluetooth communications, would be much more secure. However, if in fact that said company utilizse the Bluetooth keyboards, the FBI also instructs them to put in place strong encryption, as well as a strong PIN for secure connection.
The KeySweeper is not capable of harvesting your every keystroke from Bluetooth Keyboards. Kamkar only created the device for harvesting the RF-Based wireless keyboards that had been created and sold by Microsoft. While Microsoft keeps their documentation in the open for everyone, anyone is able to easily adapt to other platforms and other manufacturers.
While this is some massive damage control after Kamkar’s announcement just last year, Microsoft had also stated that the keyboards that are operating on the 2.4 GHz frequency are also manufactured after 2011. Thus, they are also safe due to Thoy that utilizes Advanced Encryption Standard (AES) encryption for the use of securing the users keystrokes between the keyboard and the respective computer.
You can watch a video about how this new device operates on YouTube
Sources: SoftPedia, AmericanBar, YouTube.
**Please download a PDF version of this article for offline future reading HERE**
This article (FBI Warning Citizens of Wireless Keystroke Loggers) is a free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author and AnonHQ.com
