The FBI has issued a warning that keyloggers designed to look like and also work as USB device chargers have been found to be in distribution. The device, called KeySweeper was created by whitehat hacker Samy Kamkar. According to Samy, “KeySweeper is a stealthy Arduino-based device, camouflaged as a functioning USB wall charger, that wirelessly and passively sniffs, decrypts, logs and reports back (over GSM) all keystrokes from any Microsoft wireless keyboard in the vicinity.
All keystrokes are logged online and locally. SMS alerts are sent upon trigger words, usernames or URLs, exposing passwords. If unplugged, KeySweeper continues to operate using its internal battery and auto-recharges upon repowering. A web based tool allows live keystroke monitoring.”
Samy shared a detailed video of how KeySweeper is designed on his website. It is suspected that someone has gone ahead to use that description.
The security risk of having such a device in an office environment is highly inestimable. The FBI offered advice to companies and office workers on how to mitigate the KeySweeper threat, and they include using wired keyboards, wireless keyboards with strong encryption, or keyboards using Bluetooth (with additional precautions to protect against a similar type of data-harvesting attack).
They also advise workers to keep an eye for suspicious chargers plugged into office outlets and remove them