Don’t Let Your Wireless Mouse or Keyboard Get Hacked

You may be familiar with how hacking works and how people can gain access to your computer across the Internet. It may seem weird to believe that hackers can crack into wireless mice and keyboard adapters and use them for their own purposes. Unfortunately, it’s not as strange as you may think! Exploiting a security flaw in some adapters, hackers can now control or monitor the inputs a user makes into a computer from within a 100 meter radius. While very scary, don’t worry; we’ll guide you through what this attack does, and how to protect against it.

How It Works

To understand how this hijack works, let’s take a look at how the wireless adapters operate. You plug the adapter into a USB port and turn on your wireless mouse or keyboard. As you use the mouse or keyboard, it tells your receiver what it’s doing, such as when you move the mouse, click a button, or type a key.


Theoretically, this opens up an avenue for exploitation. If you can imagine someone connecting to your wireless adapter and pretending to be a wireless mouse or keyboard, they would then have control over the mouse and keyboard of that user’s computer. They can then use this control to perform undesirable actions on that computer.

But surely manufacturers thought of this and built defenses into their adapters. This is true; not all wireless keyboards and mice have this flaw. However, some do, and there’s a story behind how this flaw slipped the Net.

How This Happened

According to Wired, the reason these devices are so open to spoofed inputs is due to a chip made by Nordic Semiconductor. Nordic sold the chips to manufacturers without any security on them. The idea is that Nordic placed the option for security on the chips and allowed the manufacturers to code their own security measures. Unfortunately, some manufacturers of wireless keyboards and mice didn’t take full advantage of this feature. The result are some chips that were sold to consumers came with less-than-stellar security on them.

The security flaw comes in two levels. The first is when the data is “unencrypted”, allowing hijackers to read and send data to the adapter. The second is when data is encrypted but doesn’t properly check if the device it’s receiving commands from is legitimate. In this case, should the encryption be cracked, hackers could send data with very little problem.

The Attack

So, let’s assume someone is using one of these vulnerable adapters. How would one of these hacks play out?

First of all, a hacker intending on hijacking a wireless adapter does not need expensive specialised equipment. Just a $15 antenna and a few lines of Python code grants them access to any adapter within a 100 meter radius. The adapter used in the Wired article looked like the following image.


Not something you’d easily spot in a public place!

Once a hacker locates an open adapter, they can do one of two things:

  • They can begin to send data to the adapter to mimic keyboard and mouse behaviour.  At this point they can redirect the user’s computer in ways the user may not want them to. A destructive hacker may delete files and folders, while a more cunning one will direct the victim’s computer to download and install malware.
  • Otherwise, they can access the adapter and use it to look at what you’re inputting. This means any passwords or vital information typed by the wireless keyboard can be read by the hacker and be used to log in to sensitive accounts.

People often keep computers disconnected from the Internet to prevent these kinds of attacks happening. Unfortunately, with a vulnerable wireless adapter installed, it’s not as safe as first hoped!

How to Defend Yourself

So, what can you do to help protect against these kinds of attacks?


Check Your Device

First of all, you need to make sure that the device you’re using is actually vulnerable to attacks. Some manufacturers didn’t put in adequate security into their products, but not all. There’s a chance that you own a device which has proper security installed already. To check if your device is susceptible to this hacking method, check this link and this link to see if your device is listed.

Update Firmware

If it’s not there, then everything’s fine. But what if your device is listed – what do you do then? First of all, check to see if your device has a firmware update that fixes this exploit. You can do this by going to the website of the company that supplied your hardware and checking their drivers section for downloads. When you download a driver, make sure the notes state specifically that it fixes this issue.

Go Wired

You may find, however, that the manufacturer has long abandoned your device for updates and that you’re out of luck. So now what? Go wired, of course! They can try as hard as they can, but hackers won’t be able to hack a wired connection through the air. It’s absolutely your safest bet for keeping your hardware safe from hijacking.

Find A Stronger Device

If going wired is not an option, you can consider purchasing hardware where adequate security is present on the device. Check up on vendors that don’t appear on the vulnerable devices lists and purchase the product they sell. You can also use a Bluetooth device if your computer uses it, but you need to be aware of the security issues surrounding Bluetooth as well.

Lock Your PC

If you’re truly stuck for options, locking your computer while unattended will at least keep it from being used while you’re not watching it. It still won’t stop keyloggers from getting information, and it may feel like delaying the inevitable, so it’s not ideal.

Keeping Safe

While this method of hijacking your computer sounds very scary, being knowledgeable on what devices are affected and taking action can protect you. Do you know of any cases where someone’s wireless devices were hijacked? Does it scare you, or do you feel it’s too troublesome to work in a real life scenario? Please let us know in the comments.

Simon Batt Simon Batt

Simon Batt is a Computer Science graduate with a passion for cybersecurity.


  1. Funny enough, I’ve NEVER like wireless ANYTHING (aside from TV remotes that is!) I’ve always preferred to play games on my XBox / PS3 with WIRED controllers. (Who has time for changing batteries…and why does it always need changing just before you’re about to kill off the boss fight?..LoL!) And the same applies with USB mice, why the need for using something with batteries, and what happens when the batteries die?…well now you have to go back to using the touchpad, (which we’ll hope is NOT broken!) Sometimes convenience can be a minus and not a plus.

  2. Let’s not panic please…

    This article is a bit scary without a reason at all..!!! Let’s say a few truths here please..!!!

    1] The wireless connections can be compromised as easily as your internet connection BUT it depends firstly on the hardware you use and secondly the OS you are using. For example if you use Linux which is up to date and with strong passwords the chance of getting hacked is nearly zero.
    2] You must use specific hardware equipment to mimic keyboard or mouse like rubberDucky is doing (it quacks like a keyboard). But you have to be physically connect the usb of the computer you want to hack so…pointless in our case.
    3] These “open” wireless devices cannot be found out in the open market. So you have to know what and from who you are going to buy because they can easily backfire this in your own face very quickly. (You understand right?)

    I will give some tips for thought …

    4] Wireless routers can be compromised because most of them are using old protocols encryptions like wep/wpa and a lot of the users are enabling the wps option which is the easiest to hack. Besides most of the users are leaving unchanged the providers or the manufactures passwords. In addition the users are using very week passwords like birthdays or telephone numbers or their names scrambled with wild characters or combinations of the above. A look in the facebook will give the hackers a change to find easily a lot of info people freely publish for themselves.
    5] One more info -tip of the wireless routers … Most of the attackers if the password is strong must be close and listen many days on your wireless traffic if they want to break the password ….now if your router is at home you can make it to transmit only inside your walls or in the direction you want. There are very neat tricks or reflectors to point the wireless signal anywhere you want…look it in the google.
    6] It is NOT only a few lines of python code to emulate a communication. no not a all …!!! If you want to make something yourself and not to relay on others then you have to make scripts with much code and this depends of what are you trying to do of course …. so it is not easy even for a experienced programmer to do such a thing.

    Final thoughts

    People who actually want to do these kind of attacks will not target you unless you are the kid of someone rich or famous. People who will target you are not serious hackers but kids playing with “weapons” they do not understand. Some of them are succeeding but in the majority are ignorant of programming and IT security related stuff..!!!

    Have a nice day.

    P.S. There is a good hacker because most of times there is a BAD administrator.!@!!!!!!!!!

Comments are closed.