Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can a Wireless Mouse Have a Virus?


  • Please log in to reply
29 replies to this topic

#16 Mike_Walsh

Mike_Walsh

    Bleepin' 'Puppy' nut..!!


  • Members
  • 1,408 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:King's Lynn, UK
  • Local time:11:45 AM

Posted 05 February 2018 - 06:55 AM

Why all this focus on a mouse?

In my limited experience...the mouse itself is more likely to fail and need to be replaced...than to assume that anything as nefarious as malware is at work.

If you take your system to a shop...they will plug in a shop mouse, keyboard, and monitor to access your system and attempt to troubleshoot system problems. I would say that all this focus on a mouse for anything other than a computer peripheral...is making a mountain out of a molehill.

Louis

^^^ +1.

 

 

Mike.  :wink:


Distros:- Multiple 'Puppies'..... and Anti-X 16.1

My Puppy BLOG ~~~  My Puppy PACKAGES

Compaq Presario SR1916UK; Athlon64 X2 3800+, 3 GB RAM, WD 500GB Caviar 'Blue', 32GB Kingspec PATA SSD, 3 TB Seagate 'Expansion' external HDD, ATI Radeon Xpress 200 graphics, Dell 15.1" pNp monitor (1024 x 768), TP-Link PCI-e USB 3.0 card, Logitech c920 HD Pro webcam, self-powered 7-port USB 2.0 hub

Dell Inspiron 1100; 2.6 GHz 400FSB P4, 1.5 GB RAM, 64GB KingSpec IDE SSD, Intel 'Extreme' graphics, 1 TB Seagate 'Expansion' external HDD, M$ HD-3000 'Lifecam'.

 

KXhaWqy.gifFQ8nrJ3.gif

 

 


BC AdBot (Login to Remove)

 


#17 zzz00m

zzz00m

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:06:45 AM

Posted 05 February 2018 - 10:56 AM

Probably nothing to be concerned about.  But there is a slight risk in the firmware of any USB device.  "BadUSB" ... https://www.wired.com/2014/07/usb-security/

 

All manner of USB devices from keyboards and mice to smartphones have firmware that can be reprogrammed—in addition to USB memory sticks, Nohl and Lell say they’ve also tested their attack on an Android handset plugged into a PC. And once a BadUSB-infected device is connected to a computer, Nohl and Lell describe a grab bag of evil tricks it can play. It can, for example, replace software being installed with with a corrupted or backdoored version. It can even impersonate a USB keyboard to suddenly start typing commands. “It can do whatever you can do with a keyboard

 

ensuring that their USB's firmware hasn't been tampered with is nearly impossible. The devices don't have a restriction known as “code-signing,” a countermeasure that would make sure any new code added to the device has the unforgeable cryptographic signature of its manufacturer. There's not even any trusted USB firmware to compare the code against.


#18 zzz00m

zzz00m

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:06:45 AM

Posted 05 March 2018 - 09:06 AM

Well maybe a USB mouse cannot contain a 'virus' in the strictest definition of that term ( https://en.wikipedia.org/wiki/Computer_virus ), but it could still contain an exploit in the firmware of the USB device.

 

Researchers have shown that many USB devices other than just those with flash memory can have their firmware reprogrammed and compromised. 

 

So widely used USB peripherals, such as keyboards, mice, flash drives, smartphones etc.can have attack vectors.



#19 Mind_001

Mind_001

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:/home/
  • Local time:05:45 AM

Posted 05 March 2018 - 11:54 AM

Well, there is this...

 

https://gizmodo.com/this-concept-mouse-has-a-whole-computer-inside-it-1680886768

 

But I won't get into that...



#20 Allan

Allan

  • BC Advisor
  • 8,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:06:45 AM

Posted 05 March 2018 - 12:54 PM

sigh. PLEASE - let this thread die a peaceful death.



#21 zzz00m

zzz00m

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:06:45 AM

Posted 05 March 2018 - 01:47 PM

sigh. PLEASE - let this thread die a peaceful death.

 

Why would you say something like that?

 

Denying the facts won't make them disappear.

 

In post #3 you stated a clear "No" as the definitive answer, without including any facts to support your statement, as if you were the final authority on the question.

 

There are malware researchers that would challenge your answer.  It is most likely not a common threat, but nevertheless, it is still not a zero percent possibility.


Edited by zzz00m, 05 March 2018 - 01:53 PM.


#22 zzz00m

zzz00m

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:06:45 AM

Posted 05 March 2018 - 01:55 PM

Suggest a Google search on "Bad USB".  This is not "fake news".  In fact, it is "old news".

 

https://mashable.com/2014/10/03/bad-usb/

 

BadUSB revolves around the fact that many different devices plug into the same USB connectors. By hacking the code of the USB micro-controller of an "innocent" device, like a USB memory stick, you can turn it into something far more capable, such as a keyboard or a network card. Stick the device into a computer and it could execute commands or even a malicious program without the owner knowing.

This is made worse by the fact that malware scanners cannot access the firmware running on USB devices, meaning they cannot fix the problem.

Edited by zzz00m, 05 March 2018 - 01:58 PM.


#23 Mind_001

Mind_001

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:/home/
  • Local time:05:45 AM

Posted 05 March 2018 - 04:15 PM

 

Suggest a Google search on "Bad USB".  This is not "fake news".  In fact, it is "old news".

 

https://mashable.com/2014/10/03/bad-usb/

 

 

 

BadUSB revolves around the fact that many different devices plug into the same USB connectors. By hacking the code of the USB micro-controller of an "innocent" device, like a USB memory stick, you can turn it into something far more capable, such as a keyboard or a network card. Stick the device into a computer and it could execute commands or even a malicious program without the owner knowing.

This is made worse by the fact that malware scanners cannot access the firmware running on USB devices, meaning they cannot fix the problem.

 

 

A USB memory stick has a hell lot more storage then a mouse...



#24 zzz00m

zzz00m

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:06:45 AM

Posted 05 March 2018 - 05:20 PM

 

 

Suggest a Google search on "Bad USB".  This is not "fake news".  In fact, it is "old news".

 

https://mashable.com/2014/10/03/bad-usb/

 

 

 

BadUSB revolves around the fact that many different devices plug into the same USB connectors. By hacking the code of the USB micro-controller of an "innocent" device, like a USB memory stick, you can turn it into something far more capable, such as a keyboard or a network card. Stick the device into a computer and it could execute commands or even a malicious program without the owner knowing.

This is made worse by the fact that malware scanners cannot access the firmware running on USB devices, meaning they cannot fix the problem.

 

 

A USB memory stick has a hell lot more storage then a mouse...

 

Read up on the exploit itself.  It is a method that does not use the flash memory in the stick.  Rather than being file based and infecting files, It hacks the USB firmware in the USB micro-controller, and the attack code can remain hidden from anti-malware scanners..  So in theory, any USB device can be altered if its microcode can be changed.  Thumb drives are one example, but it isn't limited to them.

 

https://www.wired.com/2014/07/usb-security/

 

The problem isn’t limited to thumb drives. All manner of USB devices from keyboards and mice to smartphones have firmware that can be reprogrammed—in addition to USB memory sticks

 

It can, for example, replace software being installed with with a corrupted or backdoored version. It can even impersonate a USB keyboard to suddenly start typing commands. “It can do whatever you can do with a keyboard, which is basically everything a computer does

 

When WIRED contacted the USB Implementers Forum, a nonprofit corporation that oversees the USB standard, spokeswoman Liz Nardozza responded in a statement. “Consumers should always ensure their devices are from a trusted source and that only trusted sources interact with their devices,” she wrote. “Consumers safeguard their personal belongings and the same effort should be applied to protect themselves when it comes to technology.


#25 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,000 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:06:45 AM

Posted 05 March 2018 - 10:31 PM

I suggest that those who want to assert that the highly improbable is actually a reasonable possibility are not being helpful

 

Each and every one of us could possibly be struck dead by a meteor when we step outside our door each morning.  The probability of same is very very close to zero.

 

The probability of a USB wireless mouse, purchased new, and made by any major maker being compromised is so close to zero as to be not worth considering.  It really is that simple.

 

This thread is dead for anyone with a lick of common sense.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#26 Kellysi

Kellysi

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:45 AM

Posted 06 March 2018 - 06:04 AM

Why all this focus on a mouse?

In my limited experience...the mouse itself is more likely to fail and need to be replaced...than to assume that anything as nefarious as malware is at work.

If you take your system to a shop...they will plug in a shop mouse, keyboard, and monitor to access your system and attempt to troubleshoot system problems. I would say that all this focus on a mouse for anything other than a computer peripheral...is making a mountain out of a molehill.

Louis

Here here, the issue is still not solved, although it is an interesting subject I have to admit. But I guess its always like that when such subject pops up.



#27 zzz00m

zzz00m

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:06:45 AM

Posted 06 March 2018 - 09:16 AM

The probability of a USB wireless mouse, purchased new, and made by any major maker being compromised is so close to zero as to be not worth considering.  It really is that simple.

 

Agree with that 100%.  :thumbup2:

 

I would avoid buying used, or shady grey market USB devices.  I only contributed to this discussion because some early responses referred to the memory (or lack of) in the mouse, or the mouse software.  Just wanted to add the perspective that it can be the USB controller in the device that can be compromised, not the mouse itself. 

 

But even after the purchase of a 'clean' USB device, vulnerable USB firmware could still be tampered with if you plugged the mouse into a compromised computer.  This is just an educational discussion, not a 'sky is falling' type of rant.  Anybody interested in the field of computer security should at least be curious about these things.  I have over 35+ years experience as an IT professional, and it is the discovery of little details such as this that continue to remind me of the things we have yet to learn.  Not all of it is immediately useful, or practical to know in a day to day manner.  But knowing this stuff surely won't dumb you down or fill up your brain cells.

 

In fact I am running HitmanPro.Alert, by Sophos, which has a dedicated system hardening function just for "BadUSB' to stop malicious USB devices.  So it is not a completely unknown vector.  Sophos has also included the HitmanPro technologies into their next gen Intercept X enterprise endpoint protection.  It is all about risk reduction. 


Edited by zzz00m, 06 March 2018 - 09:19 AM.


#28 MarkMackerel

MarkMackerel

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:11:45 AM

Posted 10 March 2018 - 08:43 PM

When the Hacking Team email dump was put online, we saw that most countries had contacted and had meetings with Hacking Team and it's reasonable to assume that they might have purchased surveillance software. While I do agree that a new mouse bought from a trusted company is unlikely to have any malware on it, it's possible. 



#29 Guest_Joe C_*

Guest_Joe C_*

  • Guests
  • OFFLINE
  •  

Posted 10 March 2018 - 10:35 PM

:deadhorse:



#30 Chertoff

Chertoff

  • Members
  • 20 posts
  • OFFLINE
  •  

Posted 20 March 2018 - 03:43 AM

It is possible but not with new wireless mouses that you purchase.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users