Malboard Exploit Mimics A User’s Keystrokes

An  ingenious new exploit called Malboard has been developed by Israeli researchers. By emulationg user keyboard behaviour Malboard is capaable of evading several current attack detection products which are designed to continuously verify the identity of user based on personalised keystroke characteristics.

Dr. Nir Nissim, head of the David and Janet Polak Family Malware Lab at Ben Gurion University , said: “In the study, 30 people performed three different keystroke tests against three existing detection mechanisms including KeyTrac, TypingDNA and DuckHunt. “Our attack evaded detection in 83% to 100% of the cases.”

Mimic Personalised Keystrokes 
In this cyber-attack, a compromised USB keyboard automatically generates and sends malicious keystrokes which mimic the attacked user’s personalised keystroke characteristics. Usually maliciously generated keystrokes do not match human typing so they are easily detected. However, Malboard using artificial intelligence to generate commands autonomously and in the style of the user to inject the keystrokes as malicious software into the keyboard. The keyboards used to test this attack in the research were products by Microsoft, Lenovo and Dell.

Remote & Inside Cyber Attacks
Dr. Nir Nissim explained: “Malboard was effective in two scenarios: by a remote attacker using wireless communication to communicate, and by an inside attacker or employee who physically operates and uses Malboard.”

New Methods of Detection
The cyber-attack and new detection mechanisms were developed as part of Nitzan Farhi’s master’s thesis. Farhi is a BGU student and member of the USBEAT project at BGU’s Malware Lab, and explained: 

“Our proposed detection modules are trusted and secured, based on information that can be measured from side-channel resources, in addition to data transmission. 

“These include the keyboard’s power consumption; the keystrokes’ sound; and) the user’s behaviour associated with his or her ability to respond to typographical errors.”

SciTechEuropa

You Might Also Read:

How Companies Can Minimise Cyber Attack Damage:

Cybersecurity: The Human Dynamic:

 

 

 

« GDPR Is Now 1-Year Old
30% Of Business Leaders Would Pay Ransom »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Nethemba

Nethemba

Nethemba provide pentesting and security audits for networks and web applications. Other services include digital forensics, training and consultancy.

BackBox Software

BackBox Software

BackBox is a leading provider of solutions for automated backup and recovery software for security and network devices.

Happiest Minds Technologies

Happiest Minds Technologies

Happiest Minds offers domain centric solutions in IT Services, Product Engineering, Infrastructure Management and Security.

CyberPoint

CyberPoint

CyberPoint delivers innovative, leading-edge cyber security products, solutions, and services to customers worldwide.

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

Eperi

Eperi

Eperi is a leading provider of Cloud Data Protection (CDP) solutions with 15 years of experience in data encryption for databases, (SaaS) applications and files.

ENAC

ENAC

ENAC is the national accreditation body for Spain. The directory of members provides details of organisations offering certification services for ISO 27001.

Plug and Play Tech Center

Plug and Play Tech Center

Plug and Play is the ultimate innovation platform, bringing together the best startups and the world’s largest corporations.

Elpha Secure

Elpha Secure

Elpha Secure provides a comprehensive cybersecurity solution, combining technology and insurance to protect against cyber threats.

Privacera

Privacera

Privacera enables consistent data governance, security, and compliance across all your data services - on-premises and in the cloud - so you can maximize the value of your data.

Pentest Limited

Pentest Limited

Pentest Limited provide information security consultation, penetration testing & red teaming services to companies across the globe.

Gotham Digital Science (GDS)

Gotham Digital Science (GDS)

Gotham Digital Science is an international security services company specializing in Application and Network Infrastructure security, and Information Security Risk Management.

Cyviation

Cyviation

Cyviation's mission is to mitigate ever-growing and menacing Cyber Security threats, focusing on aircraft, airlines and airports.

Code First Girls

Code First Girls

Code First Girls are on a mission to close the gender gap in the tech industry by providing employment through free education.

Cloudbrink

Cloudbrink

Cloudbrink is purpose-built to deliver the industry’s highest performance connectivity to remote and hybrid workers, anywhere in the world.

OmniIndex

OmniIndex

OmniIndex PostgresBC is the only commercial solution allowing you to keep your most sensitive and critical data encrypted while analyzing it. Structured and unstructured.