[Closed] Question about security, keyboardio as a possible attack vector

Hi, I will start off saying I don’t know a terrible lot about Arduino, but a thought occurred to me. My question is purely technical of course, keyboardio isn’t exactly common ownership, so someone setting up this kind of attack successfully would yield probably too low chances at a hit for anyone to bother with it.

How feasible of an attack vector would it be to get a keylogger onto the arduino in the keyboard?

The keylogger might for example trigger on regular expression terms like “su\n”, “sudo*\n”, “* @ *\t” to extract accounts and passwords on other machines the keyboard gets hooked up to in the future.

Would it be able to transmit the findings back to the perpetrator using the connected machine as a proxy?

Thanks for humouring me. Asking as a buyer, not as an attacker. :)

**Marked this as [closed], I’m not sure if there’s a more appropriate term

Getting a keylogger onto a Model01 can only be done by flashing the firmware, which requires someone to physically hold down the prog key, and is accompanied by a characteristic sequence of keys lighting up. Effectively, it requires physical access.

A keylogger plugin could be written for Kaleidoscope that listens for a small number of sequences typed, and records the target data to the EEPROM, but there is very little space there (1024 bytes), so it couldn’t record lots of data. Transmitting it to the local host or a remote one would require some other type of pre-existing access to the computer it’s connected to. A program on the computer could listen on the serial port and record all the keys as they’re typed, and could also transmit that data to a remote host. But if the attacker is able to get such a program onto the target machine, he probably can just run a keylogger on it directly, instead of relying on the keyboard to do so. It would be extremely impractical, and nigh impossible without physical access to the keyboard.

If the attack was specifically targeted, and other keyloggers wouldn’t work for some reason (anti-virus measures, perhaps), maybe this could be done, but the likelihood of this happening is vanishingly small.

2 Likes

If the attack requires the connected machine to be compromised, then the attack is forfeit. My concern was getting malware on the keyboard that could transmit remotely without further tampering. 100% safety against physical access would have been cumbersome.

Thank you.