Malboard is a new sophisticated attack developed by security researchers at Israeli Ben-Gurion University of the Negev (BGU). The attack involves a compromised USB keyboard to generate and send malicious keystrokes that mimic user behavior.
What makes this attack sophisticated is the utilization of AI (artificial intelligence) that autonomously generates commands in the user’s style, injecting keystrokes as malicious software into the keyboard and evading detection.
The discovery is presented in a new paper titled “Malboard: A Novel User Keystroke Impersonation Attack and Trusted Detection Framework Based on Side-Channel Analysis”.
In general, keystrokes generated maliciously don’t match human typing and thus, they can easily be detected. With the help of artificial intelligence, however, the Malboard attack autonomously generates commands in the user’s style, injects the keystrokes as malicious software into the keyboard and evades detection. It’s important to note that the keyboards used in the research were products by Microsoft, Lenovo and Dell.
How was the Malboard attack tested?
30 people took three different keystroke tests against three detection mechanisms (KeyTrac, TypingDNA and DuckHunt). The researchers’ attack evaded detection in 83% to 100% of the cases, explains Dr. Nir Nissim, head of the David and Janet Polak Family Malware Lab at Cyber@BGU, and a member of the BGU Department of Industrial Engineering and Management.
“Malboard was effective in two scenarios: by a remote attacker using wireless communication to communicate, and by an inside attacker or employee who physically operates and uses Malboard,” the researcher added.
Note. Both the attack and detection mechanisms were developed as part of the master’s thesis of Nitzan Farhi, a BGU student and member of the USBEAT project at BGU’s Malware Lab, The Science Daily reported.
Another interesting attack involving the keyboard is the so-called Thermanator attack. The attack could allow a malicious actor with a mid-range thermal camera to capture keys pressed on a standard keyboard. The discovery was by three University of California professors. In short, users’ fingers’ thermal residue on keyboard keys can be recorded by a hacker who can later use it to reveal the user’s passwords or any other text he/she has typed.