http://www.dailymail.co.uk/sciencetech/article-2910183/The-6-spy-box-tracks-type-Hacker-creates-USB-charger-steal-banking-details-remotely.html


The £6 'spy box' that tracks EVERYTHING you type: Hacker creates a USB
charger that can steal banking details remotely

   - *KeySweeper device was created by security researcher Samy Kamkar*
   - *The covert device looks, and works, like a typical USB wall charger*
   - *It ‘sniffs’ and logs keystrokes made on nearby wireless keyboards *
   - *Device sends these decrypted, logged keystrokes to a hacker remotely*
   - *It can even alert a hacker by text message if a certain combination
   of keys is typed, such as web address for online banking or a credit card
   number*

By Victoria Woollaston
<http://www.dailymail.co.uk/home/search.html?s=&authornamef=Victoria+Woollaston>

Published: 12:15 EST, 14 January 2015



For just £6, a hacker can create a covert device that tracks everything you
type on a keyboard including usernames, credit card details and banking
passwords.

The device, called KeySweeper, was built by a Poland-based security
researcher and works with a range of wireless keyboards.

Once connected, the small USB wall charger remotely decrypts, logs and
sends keystrokes to a hacker using specially designed software.

[image: The device, known as KeySweeper, looks and works like a typical USB
wall charger (pictured), but uses a built-in chip to ‘sniff’ for keystrokes
typed onto nearby wireless keyboards. All of these strokes are then
decrypted, logged and sent to a hacker over the web ]

   - SHARE PICTURE
   -
   -
   -
   -
   -

Copy link to paste in your message

+3

The device, known as KeySweeper, looks and works like a typical USB wall
charger (pictured), but uses a built-in chip to ‘sniff’ for keystrokes
typed onto nearby wireless keyboards. All of these strokes are then
decrypted, logged and sent to a hacker over the web

KeySweeper was built by hardware hacker *Samy Kamkar * <http://samy.pl/>using
an Arduino board, USB charger and Microsoft wireless keyboard.

These keyboards use a specific chip that runs on a frequency known as
2.4GHz RF protocol, which is how the communicate wirelessly.

As keystrokes are typed on wireless keyboards, they are typically encrypted
as they move from the keyboard to computer.

By determining which chip a keyboard uses, Mr Kamkar can figure out how to
decrypt these keys.
HOW KEYSWEEPER WORKS

KeySweeper was built by hardware hacker Samy Kamkar using an Arduino board,
USB charger and Microsoft wireless keyboard.

These keyboards use a specific chip that runs on a frequency known as
2.4GHz RF protocol, which is how they communicate wirelessly.

As keystrokes are typed on wireless keyboards, they are typically encrypted
as they move from the keyboard to computer.

By determining which chip a keyboard uses, Mr Kamkar can figure out how to
decrypt these keys.

Once set up, the charger is plugged into the wall and ‘sniffs’, or
‘listens’ to all the keys the user types.

These keys are decrypted, logged and sent back to a hacker over the web,
remotely, using Mr Kamkar’s KeySweeper software.

The technology can be configured to record everything, and even send a text
to the hacker if a certain combination of keys is pressed.

Once set up, the charger is plugged into the wall and ‘sniffs’, or
‘listens’ to all the keys the user types.

These keys are decrypted, logged and sent back to a hacker over the web,
remotely, using Mr Kamkar’s KeySweeper software.

The technology can be configured to record everything, and even send a text
alert to the hacker if a certain combination of keys is pressed.

For example, if the user types the URL for an online banking site, or
enters a 16-digit number, which suggests it could be a credit card number.

And even if KeySweeper is unplugged, an internal battery will keep it
running - although the battery life depends on the battery used.

The range of the KeySweeper is said to be on par with a standard Bluetooth
device, at around 32ft (10 metres).

Mr Kamkar used Microsoft keyboards, in particular, because they use the
same protocol encryption, meaning once he had decrypted one, he could
decrypt others.

In theory though, this process could be applied to any wireless keyboard.

Mr Kamkar has released the source code and instructions for building a
KeySweeper, but advises against people doing so without an electrical
background.

Last year, Israeli researchers created keylogging software that can steal
keystrokes from computers even when they're not connected to the web, using
so-called 'air gaps.'

[image: The logged, decrypted keystrokes are sent to a hacker remotely
using the KeySweeper software (pictured). The technology can be configured
to record everything, and even send a text alert to the hacker if a certain
combination of keys is pressed, such as the web address for online banking
or a credit card number]

   - SHARE PICTURE
   -
   -
   -
   -
   -

Copy link to paste in your message

+3

The logged, decrypted keystrokes are sent to a hacker remotely using the
KeySweeper software (pictured). The technology can be configured to record
everything, and even send a text alert to the hacker if a certain
combination of keys is pressed, such as the web address for online banking
or a credit card number

[image: Samy Kamkar (pictured bottom right) has released instructions
(video grab pictured) for building a KeySweeper, but advises against people
doing so without an electrical background. Mr Kamkar used Microsoft
keyboards (pictured top) as an example because they use the same protocol
and encryption]

   - SHARE PICTURE
   -
   -
   -
   -
   -

Copy link to paste in your message

+3

Samy Kamkar (pictured bottom right) has released instructions (video grab
pictured) for building a KeySweeper, but advises against people doing so
without an electrical background. Mr Kamkar used Microsoft keyboards
(pictured top) as an example because they use the same protocol and
encryption

An air-gap or air wall is a network security measure.

It was designed to make sure secure computer networks are physically
isolated from unsecured networks, such as the internet or a local area
network.

The researchers from Israel designed computer software that logs
keystrokes, and this software transmits these strokes via FM radio signals
generated by the computer's graphics card.

The data is picked up by a nearby mobile, equipped to pick up radio signals.

In the example case, the researchers used a Samsung Galaxy S4 and had to
plug in the headphones to get the radio receiver to work.

This can be done without being detected by the user, but does rely on the
software being installed on the computer in the first place.

Since FM radio signals can travel over long distances, the receiver could
be placed in another building.




__._,_.___
 ------------------------------
Posted by: "beowulf" <[email protected]>
------------------------------


 Visit Your Group
<https://groups.yahoo.com/neo/groups/grendelreport/info;_ylc=X3oDMTJmaWplMTIwBF9TAzk3MzU5NzE0BGdycElkAzIwMTk0ODA2BGdycHNwSWQDMTcwNTMyMzY2NwRzZWMDdnRsBHNsawN2Z2hwBHN0aW1lAzE0MjEyNjE4NDQ->

   - New Members
   
<https://groups.yahoo.com/neo/groups/grendelreport/members/all;_ylc=X3oDMTJnZXU0b2plBF9TAzk3MzU5NzE0BGdycElkAzIwMTk0ODA2BGdycHNwSWQDMTcwNTMyMzY2NwRzZWMDdnRsBHNsawN2bWJycwRzdGltZQMxNDIxMjYxODQ0>
   1

 [image: Yahoo! Groups]
<https://groups.yahoo.com/neo;_ylc=X3oDMTJlYjg4MWd0BF9TAzk3NDc2NTkwBGdycElkAzIwMTk0ODA2BGdycHNwSWQDMTcwNTMyMzY2NwRzZWMDZnRyBHNsawNnZnAEc3RpbWUDMTQyMTI2MTg0NA-->
• Privacy <https://info.yahoo.com/privacy/us/yahoo/groups/details.html> •
Unsubscribe <[email protected]?subject=Unsubscribe>
• Terms of Use <https://info.yahoo.com/legal/us/yahoo/utos/terms/>

__,_._,___

-- 
-- 
Thanks for being part of "PoliticalForum" at Google Groups.
For options & help see http://groups.google.com/group/PoliticalForum

* Visit our other community at http://www.PoliticalForum.com/  
* It's active and moderated. Register and vote in our polls. 
* Read the latest breaking news, and more.

--- 
You received this message because you are subscribed to the Google Groups 
"PoliticalForum" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to