There are security vulnerabilities in several Logitech keyboards, mice and wireless presenters that may allows an attacker to send keystrokes and infect the computer.
Many Logitech wireless input devices are vulnerable to wireless attacks and can pose a security risk. This is the conclusion of security expert Marcus Mengs, with whom c't has been in contact for quite some time. Mengs has investigated the wireless connections of several Logitech devices and found numerous weaknesses. They affect keyboards, mice as well as wireless presenters.
The vulnerabilities allow the attacker to eavesdrop on keystrokes and record typed mails, passwords and so on. The attacker can also become active himself and send his own key commands to his victim's computer. And that's no less dangerous, because it makes it easy to infect the computer with malicious code.
Mengs demonstrates how to infect a system with a backdoor (remote shell) through which he can control the system remotely by radio. The fact that Mengs uses Logitech radio not only to infect the system but also to communicate with the backdoor is particularly piquant. An attacker can thus also access computers that are not connected to a network.
The SecureDFU tool can be used to update the firmware of Unifying receivers. (Bild: c't)
If you want to protect yourself, follow these steps. First you should make sure that the latest firmware is installed on the USB receiver so that at least the security flaws from 2016 are fixed. Since the Unifying software doesn't do the job, you'll need to use the Logitech Firmware Update Tool SecureDFU. The current firmware versions are as follows:
The current firmware version can be checked using the Unifying software. As soon as the firmware update that has been announced for August is available, the USB receiver must be updated again. We will be informing you as soon as Logitech offers the update.
You can download the necessary tools here:
Download of the Logitech Firmware Updating Tools SecureDFU
Download of the Unifying software to view firmware version
But as mentioned above, the Unifying receivers remain vulnerable as the situation currently stands, even after the updates have been applied. Logitech strongly advises that "a computer (with a USB receiver) should always be kept where strangers cannot physically access or manipulate it. In addition, users should take common security measures to make it more difficult for others to access it." Strictly speaking, you would have to lock away the keyboards, too, since an attacker can extract the crypto key from radio traffic by pressing a few keys as described above. The USB receiver only needs to be in receiving mode. Additionally, Logitech reiterates that pairing should only be done "if it is ensured that there are no suspicious activities within a radius of 10 meters".