Hackers gain access to computers through plug-and-play mice and there's no fix yet
Irvine, California - California-based company Razer produces popular gaming equipment, but their computer mice have a vulnerability that leaves users open to having their devices hacked – with no solution so far.
Digital Trends reports that while a hacker has to have actual access to a computer, pulling off an attack wouldn't be that hard to do, as proven by some anonymous hackers who flagged the flaw to Razer.
A scenario could go like this: you leave your laptop sitting on the desk in your office while you attend a meeting. If someone were to take just a few minutes and insert the very tiny wireless receiver for a Razer mouse into an open USB port, perhaps in the back of the computer where it would go unnoticed, they would then be able to gain access to the full PC.
Windows automatically begins to run the system process called "Razer installer" when the receiver is plugged in, giving the hacker the system privileges to install other, potentially nefarious drivers and run other commands.
Once this is completed, the process can be saved and set to run the next time the user boots up their computer without their knowledge.
MSPoweruser reports that the hack can even be carried out without the physical mouse, as the USB ID can be spoofed, and the fault lies with Razer.
Cover photo: 123RF/ milanteann