'security' loophole found in Wireless mouse

Hackers could gain access to home and cor­porate networks via security flaws in wireless mice, a research has suggested.
Weaknesses in the way mice swapped data with computers left them vulnerable, said se­curity firm Bastille Networks.
Attackers could spoof poorly protected signals letting them use PCs as if they were sitting in front of them, it said.
Information about the loop­holes have been passed to the makers of vulnerable mice, some of who are creating up­dates to make the mice more secure.
The radio signals sent by many wireless mice to a “don­gle” plugged in to a computer were often unencrypted, said Marc Newlin and Balint See­ber, from Bastille, who carried out the research.
“That makes it possible for the attacker to send unencrypt­ed traffic to the dongle pre­tending to be a keyboard and have it result as keystrokes on your computer,” Mr Newlin said.
By contrast, they said, sig­nals sent by wireless keyboards were scrambled to stop attack­ers eavesdropping on or spoof­ing them.
The pair found they could spoof signals for mice using a few lines of code and an antenna and dongle that cost $20 (£15).
The attack worked at distanc­es of up to 180m (590ft).
Using this kit, they sent spe­cially crafted mouse clicks that a computer interpreted as key presses, letting them run com­mands and take control of a tar­get machine.
The Bastille researchers said many companies spent a lot of time and money securing the physical devices sitting on their networks but often neglected to keep an eye on data sent via ra­dio.
Wireless mice produced by HP, Lenovo, Amazon and Dell were found to be vulnerable.
Bastille said it had reported its findings to the hardware makers and to the company that made the chipset used inside the spoo­fable mice.
Updates to the internal com­puter code, or firmware, for some of the vulnerable mice are now being made available.
But Bastille said many of the insecure mice it had found could not be updated