He has named the gadget as KeySweeper and has also released a do it yourself tutorial onGitHub.
Bugs Exploited
The machine, masquerades as a working USB wall charger.
It can be used to log every input a user keys in, onto his machine.
The apparent flaw in the Microsofts wireless keyboard transmitters has been exploited by the KeySweepers creator Samy Kamkar.
The KeySweeper uses GSM protocol to report back to the handlers thus making it very difficult to locate.
All keystrokes are logged online and locally.
SMS alerts are sent upon trigger words, usernames or URLs, exposing passwords.
If unplugged, KeySweeper continues to operate using its internal battery and auto-recharges upon repowering.
A web based tool allows live keystroke monitoring.
Microsoft keyboards are known to use encrytpion mechanisms before transmitting data.
Samy alleges to have found multiple bugs in the encryption which allowed him to decrypt the data being transfered.
Even if we do not know the MAC address, we can decrypt the keystroke.
A Microsoft spokesperson told VentureBeat that they are aware of reports about a KeySweeper unit and are investigating.
Since the nRF24L01+ chip can read the MAC address, the measure provides little security against moderately determined hackers.
To make things even easier on attackers, all Microsoft keyboards begin with 0xCD as the MAC.
However, those attacks needed much larger & powerful computer systems to work.
In comparison, a gear like KeySweeper is revolutionary.
Microsofts website lists only a single model of keyboard that offers that protection.
Where Microsoft keyboards are concerned, customers using our Bluetooth-enabled keyboards are protected from this bang out of attack.
source: www.techworm.net
