Malboard Exploit Mimics A User’s Keystrokes

An  ingenious new exploit called Malboard has been developed by Israeli researchers. By emulationg user keyboard behaviour Malboard is capaable of evading several current attack detection products which are designed to continuously verify the identity of user based on personalised keystroke characteristics.

Dr. Nir Nissim, head of the David and Janet Polak Family Malware Lab at Ben Gurion University , said: “In the study, 30 people performed three different keystroke tests against three existing detection mechanisms including KeyTrac, TypingDNA and DuckHunt. “Our attack evaded detection in 83% to 100% of the cases.”

Mimic Personalised Keystrokes 
In this cyber-attack, a compromised USB keyboard automatically generates and sends malicious keystrokes which mimic the attacked user’s personalised keystroke characteristics. Usually maliciously generated keystrokes do not match human typing so they are easily detected. However, Malboard using artificial intelligence to generate commands autonomously and in the style of the user to inject the keystrokes as malicious software into the keyboard. The keyboards used to test this attack in the research were products by Microsoft, Lenovo and Dell.

Remote & Inside Cyber Attacks
Dr. Nir Nissim explained: “Malboard was effective in two scenarios: by a remote attacker using wireless communication to communicate, and by an inside attacker or employee who physically operates and uses Malboard.”

New Methods of Detection
The cyber-attack and new detection mechanisms were developed as part of Nitzan Farhi’s master’s thesis. Farhi is a BGU student and member of the USBEAT project at BGU’s Malware Lab, and explained: 

“Our proposed detection modules are trusted and secured, based on information that can be measured from side-channel resources, in addition to data transmission. 

“These include the keyboard’s power consumption; the keystrokes’ sound; and) the user’s behaviour associated with his or her ability to respond to typographical errors.”

SciTechEuropa

You Might Also Read:

How Companies Can Minimise Cyber Attack Damage:

Cybersecurity: The Human Dynamic:

 

 

 

« GDPR Is Now 1-Year Old
30% Of Business Leaders Would Pay Ransom »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Arista Networks

Arista Networks

Arista Networks is an industry leader in data-driven, client to cloud networking for large data center, campus and routing environments.

AppViewX

AppViewX

AppViewX is a global leader in the management, automation and orchestration of network services in data centers.

Woz U

Woz U

Woz U provides best-in-class technology training for Learners, Higher-Ed and Corporations. We focus on the most in-demand occupations such as Software Development, Data Science and Cyber Security.

Cyber Security Raad (CSR) - Netherlands

Cyber Security Raad (CSR) - Netherlands

The Cyber Security Council (CSR) is a national, independent advisory body of the Dutch government undertaking efforts at strategic level to bolster cyber security in the Netherlands.

SK IT Cyber Security

SK IT Cyber Security

SK IT provide services and solutions for cybersecurity and advanced information system engineering.

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

The Computer Crime and Intellectual Property Section (CCIPS) is responsible for implementing the Department's national strategies in combating computer and intellectual property crimes worldwide.

Cyber Security Africa

Cyber Security Africa

Cyber Security Africa is a full-service Information Security Consulting firm offering a comprehensive range of Services and Products to help organizations protect their valuable assets.

Securd

Securd

Securd takes opportunities away from your cyber adversaries. Cloud-delivered zero-trust DNS firewall and web filtering protection keep your business network and remote employees safe.

Berezha Security Group (BSG)

Berezha Security Group (BSG)

BSG is a cybersecurity consulting firm specializing in all aspects of application security and penetration testing.

Cirosec

Cirosec

Cirosec is a specialized company with a focus on information security. We carry out pentests & audits and advise our customers in the German-speaking countries on information and IT security issues.

Telstra

Telstra

Telstra is one of the world's leading telecommunications and technology companies, offering a wider range of services from networks and cloud solutions to mobility and enterprise collaboration tools.

Marcum Technology

Marcum Technology

Marcum Technology consultants are focused on helping you reach your company’s full potential by exploring creative ways to integrate tomorrow’s technology into your business today.

VMware

VMware

VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control.

Descope

Descope

Descope is a service that helps every developer build secure, frictionless authentication and user journeys for any application.

VicOne

VicOne

With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry.

StealthMole

StealthMole

StealthMole is a deep and dark web threat intelligence company that delivers a cloud-based, unified platform for digital investigation, risk assessment, and threat monitoring.