Hit the KeyJack: stealing data from your daily wireless devices incognito

TL;DR

This paper introduces KeyJack, a low-cost device that exploits security vulnerabilities in wireless IoT devices, especially keyboards, to eavesdrop and potentially inject data, highlighting widespread security issues in 2.4GHz communication protocols.

Contribution

The paper presents a novel proof-of-concept device, KeyJack, demonstrating how to intercept and potentially manipulate data from wireless IoT devices using common 2.4GHz radio chips.

Findings

KeyJack can successfully eavesdrop on wireless keyboards.

Many IoT devices transmit data in plaintext, exposing them to security breaches.

The approach can be extended to other wireless devices using similar radio chips.

Abstract

Internet of Things (IoT) is one of the most fast-growing field in high technologies nowadays. Therefore, lots of electronic devices include wireless connections with several communication protocols (WiFi, ZigBee, Sigfox, LoRa and so on). Nevertheless, designers of such components do not take care of security features most of the time while focusing on communication reliability (speed, throughput and low power consumption). As a consequence, several wireless IoT devices transmit data in plaintext creating lots of security breaches for both eavesdropping and data injection attacks. This work introduces KeyJack, a preliminary proof-of-concept of a solution aiming to eavesdrop wireless devices and hopefully perform injection attacks afterwards. KeyJack operates on widely-used devices: our keyboards! This solution is based on low-cost embedded electronics and gives an attacker or a white hat hacker the possibility to retrieve data from John Doe's computer. This work also shows that this approach could be used to any wireless device using 2.4GHz radio chips like the NRF24L01 from Nordic Semiconductor.