Symantec warns of wireless keyboard security threat

Wireless keyboards could be exposing sensitive information

Security firm Symantec has uncovered a new form of attack aimed at users of wireless keyboards.

The warning follows the release of Keykeriki, an open-source 'sniffer' project that allows users to remotely decode wireless transmissions.

Symantec said that this effectively creates a new type of key-logger that could be used by cyber-criminals to steal sensitive data such as user names, passwords and bank details.

The project was created by a site called remote-exploit.org. "This open-source hardware and software project enables every person to verify the security level of their own keyboard transmissions, and/or demonstrate the sniffing attacks (for educational purpose only)," the site notes.

Symantec warned that, although the creator's intentions appear honourable, making the software code and hardware schematics open to everyone means that criminals could use the software to eavesdrop on wireless keyboard inputs.

The criminals would not have to install anything on the host system, but would simply have to be in range of the keyboard's wireless signal.

Remote-exploit.org claimed that it has plans for add-on modules that include an LCD display and an interface that works with an iPhone.

Symantec said that future wireless keyboards should introduce encrypted communication between the device and the receiver, and warned those working on office or public computers to resort to wired keyboards for the time being.