【惊!黑客仅需六英镑轻松洗劫银行】

【惊!黑客仅需六英镑轻松洗劫银行】近日,波兰的研究人员非常认真的研发了一款KeySweeper的设备,它长得很像充电器,只要它能连接进无线键盘,就能轻松追踪你在键盘输入的用户名、账号密码等。更要命的在于它从插座被拔下之后还能依靠电池工作,简直防不胜防啊!

The device, known as KeySweeper, looks and works like a typical USB wall charger (pictured), but uses a built-in chip to  ‘sniff’ for keystrokes typed onto nearby wireless keyboards. All of these strokes are then decrypted, logged and sent to a hacker over the web 

http://www.dailymail.co.uk/sciencetech/article-2910183/The-6-spy-box-tracks-type-Hacker-creates-USB-charger-steal-banking-details-remotely.html

For just £6, a hacker can create a covert device that tracks everything you type on a keyboard including usernames, credit card details and banking passwords.

The device, called KeySweeper, was built by a Poland-based security researcher and works with a range of wireless keyboards.

Once connected, the small USB wall charger remotely decrypts, logs and sends keystrokes to a hacker using specially designed software. 

KeySweeper was built by hardware hacker Samy Kamkar using an Arduino board, USB charger and Microsoft wireless keyboard.

These keyboards use a specific chip that runs on a frequency known as 2.4GHz RF protocol, which is how the communicate wirelessly.

As keystrokes are typed on wireless keyboards, they are typically encrypted as they move from the keyboard to computer.

By determining which chip a keyboard uses, Mr Kamkar can figure out how to decrypt these keys.

Once set up, the charger is plugged into the wall and ‘sniffs’, or ‘listens’ to all the keys the user types.

These keys are decrypted, logged and sent back to a hacker over the web, remotely, using Mr Kamkar’s KeySweeper software.

The technology can be configured to record everything, and even send a text alert to the hacker if a certain combination of keys is pressed.

For example, if the user types the URL for an online banking site, or enters a 16-digit number, which suggests it could be a credit card number.

And even if KeySweeper is unplugged, an internal battery will keep it running - although the battery life depends on the battery used.

The range of the KeySweeper is said to be on par with a standard Bluetooth device, at around 32ft (10 metres). 

Mr Kamkar used Microsoft keyboards, in particular, because they use the same protocol encryption, meaning once he had decrypted one, he could decrypt others.

In theory though, this process could be applied to any wireless keyboard.

Mr Kamkar has released the source code and instructions for building a KeySweeper, but advises against people doing so without an electrical background.

Last year, Israeli researchers created keylogging software that can steal keystrokes from computers even when they're not connected to the web, using so-called 'air gaps.'  

An air-gap or air wall is a network security measure.

It was designed to make sure secure computer networks are physically isolated from unsecured networks, such as the internet or a local area network.

The researchers from Israel designed computer software that logs keystrokes, and this software transmits these strokes via FM radio signals generated by the computer's graphics card.

The data is picked up by a nearby mobile, equipped to pick up radio signals.

In the example case, the researchers used a Samsung Galaxy S4 and had to plug in the headphones to get the radio receiver to work.

This can be done without being detected by the user, but does rely on the software being installed on the computer in the first place.

Since FM radio signals can travel over long distances, the receiver could be placed in another building.

 


Comments are closed.



无觅相关文章插件