All keyboards include a processor and a memory chip, and the Apple keyboard is no exception: it contains 8 KB of flash memory and 256 bytes of RAM. K. Chen, a researcher at the Georgia Institute of Technology, showed at the Black Hat conference how easy it is to install malicious code directly into the Apple keyboard.
Cracking the Apple keyboard's RAM is not difficult with the help of HIDFirmwareUpdaterTool, a tool that provides updates to the keyboard firmware remotely. The way to implement a keylogger in the firmware is to reverse engineer the HID, run the program, set a breakpoint, and then copy the new malicious code (a rootkit, for example) into the firmware image; within a few seconds the keyboard is compromised. At this point it is obviously impossible to detect the keylogger while it is embedded in the keyboard: there is still no antivirus for keyboards, and even formatting the PC will not help.
The case that K. Chen demonstrated was a simple keylogger able to reproduce the last five typed characters, a limit that comes from the storage available inside the keyboard, just 1 KB. The interesting point is that an infected website can remotely embed the rootkit in the keyboard.
After this presentation, Apple announced that a utility for locking the firmware should be available soon. The problem should be solved at both the hardware level and the firmware level.