Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can mouse internal memory be infected by a virus?


  • Please log in to reply
11 replies to this topic

#1 Arstone112

Arstone112

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:06:23 PM

Posted 06 December 2010 - 08:04 PM

I am thinking of buying a gaming mouse which has internal memory that allows you to store profiles and such for gaming on the fly. I am concerned though that this may be a potential way to harbour unwanted viruses, i.e, format hard drive to get rid of virus, yet it still lingers on this mouse, waiting to be plugged back in on a clean PC. Would this be possible and is it a noteable reason to avoid purchasing something like this for security reasons?

Thanks for your reply

BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:23 AM

Posted 07 December 2010 - 04:39 AM

Can you provide more details, is the memory a USB stick?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 ThunderZ

ThunderZ

  • Deactivated
  • 4,454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:23 PM

Posted 07 December 2010 - 04:59 AM

I don`t believe the profiles are stored in the mouse in any way, shape, or form.

Gaming mice that allow the creation of profiles use programs that are installed along with the mouse. The profiles are stored on the hard drive along with the installed program and all other software.

#4 Platypus

Platypus

  • Moderator
  • 14,478 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:09:23 AM

Posted 07 December 2010 - 05:50 AM

There are gaming mouse/keyboard systems with internal flash RAM to hold profiles.

Not having used them myself, I can't say whether any make the internal memory mountable as a USB mass storage drive. I do find some references of folk saying some Logitech models don't. That would make sense for the application, as the storage space is small, and is directly accessed by the driver.

If the storage does appear as a mass storage device, you'd need to take the same precautions as for any flash drive. If it doesn't, I'd suspect it's not impossible for it to be used as a vector for infection, but unlikely. Since the drivers to access the storage still have to be installed seperately (possibly from a flash drive or internet download), that would seem to be more likely and less difficult as a means of possible infection.

Top 5 things that never get done:

1.


#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:23 AM

Posted 07 December 2010 - 06:33 AM

If it doesn't, I'd suspect it's not impossible for it to be used as a vector for infection, but unlikely. Since the drivers to access the storage still have to be installed seperately (possibly from a flash drive or internet download), that would seem to be more likely and less difficult as a means of possible infection.


To be used as a vector, it must not only be possible for malware to store itself in the mouse's memory, but there must also be an auto-execution mechanism (by design or via a vulnerability), so that malware can execute automatically when you plug the mouse in a (clean) machine.
IMHO, makes it even less likely, but it depends on the design.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#6 Platypus

Platypus

  • Moderator
  • 14,478 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:09:23 AM

Posted 07 December 2010 - 06:52 AM

I agree, DEP should make the prospect extremely unlikely, but I wasn't prepared to declare it impossible, otherwise someone who knows more than me might come along and explain why it is possible... :)

Personally I think the very limited scope (specialist gaming mice/keyboards) would hardly warrant the attention of malware developers anyway.

Top 5 things that never get done:

1.


#7 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:23 AM

Posted 07 December 2010 - 07:19 AM

Personally I think the very limited scope (specialist gaming mice/keyboards) would hardly warrant the attention of malware developers anyway.


You're probably right, but I'm not familiar at all with the gaming world and how popular these mice are.
But I do know malware authors are interested in gamers, cfr. password stealers targeting WoW and other games.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#8 Platypus

Platypus

  • Moderator
  • 14,478 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:09:23 AM

Posted 07 December 2010 - 07:40 AM

I do know malware authors are interested in gamers

Fair point.

Top 5 things that never get done:

1.


#9 ThunderZ

ThunderZ

  • Deactivated
  • 4,454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:23 PM

Posted 07 December 2010 - 04:28 PM

There are gaming mouse/keyboard systems with internal flash RAM to hold profiles.


:o Learn something new every day.

Guess you can tell what a heavy Gamer I am. :whistle:

#10 Platypus

Platypus

  • Moderator
  • 14,478 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:09:23 AM

Posted 07 December 2010 - 05:52 PM

The last computer game I actually played was Duke Nukem: Manhattan Project (2002 release).

Top 5 things that never get done:

1.


#11 Arstone112

Arstone112
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:06:23 PM

Posted 08 December 2010 - 12:09 AM

Well the product description of this mouse is that it has "On Board Memory". Is this the kind of thing that could harbour a virus?

#12 Platypus

Platypus

  • Moderator
  • 14,478 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:09:23 AM

Posted 08 December 2010 - 01:53 AM

From the vague description they provide, I don't think we can decide. But unless its onboard memory appears as a mass storage drive, we feel it's extremely unlikely that a virus could be stored and more importantly activated from there.

Top 5 things that never get done:

1.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users