New Attack Compromises Apple Keyboards

From DailyTech: No one wants to get their computer hacked or infected with viruses. For a long time, Windows PCs were the only real target of hackers and nefarious users, but as Apple Mac computers have become more popular hacks for these systems are now becoming more common.

A new hack that was demonstrated at DEFCON 2009 doesn't attack the software of Apple computers, rather it attacks the hardware.

Strangely it doesn't attack hardware inside the computer, rather the attack focuses on Apple's USB and Bluetooth keyboards. That means that once infected, the keyboard can’t simply be repaired with a firmware update. The man who devised the hack goes by K. Chen and says he goes by that name because of fear that he would be harassed by Mac fans.

Once infected, the keyboard spits the text most recently typed in reverse order back onto the screen of the computer each time the enter key is pressed. The demonstration shows that the hardware attack is capable of recording keystrokes and injecting them back to the host machine. The key logging capability of the attack can also reportedly work during the boot phase unlocking more hardware and encryption features.

When the keyboard is infected, it can be used to run a bash connect back shell and then give the attacker full control over the computer allowing a root kit to be installed. The level of control is enough that the hacker could wait until the computer was idle and then start the attack.

View: Article @ Source Site