Malboard Exploit Mimics A User’s Keystrokes

Uploaded on 2019-07-03 in TECHNOLOGY--Hackers, FREE TO VIEW

An  ingenious new exploit called Malboard has been developed by Israeli researchers. By emulationg user keyboard behaviour Malboard is capaable of evading several current attack detection products which are designed to continuously verify the identity of user based on personalised keystroke characteristics.

Dr. Nir Nissim, head of the David and Janet Polak Family Malware Lab at Ben Gurion University , said: “In the study, 30 people performed three different keystroke tests against three existing detection mechanisms including KeyTrac, TypingDNA and DuckHunt. “Our attack evaded detection in 83% to 100% of the cases.”

Mimic Personalised Keystrokes 
In this cyber-attack, a compromised USB keyboard automatically generates and sends malicious keystrokes which mimic the attacked user’s personalised keystroke characteristics. Usually maliciously generated keystrokes do not match human typing so they are easily detected. However, Malboard using artificial intelligence to generate commands autonomously and in the style of the user to inject the keystrokes as malicious software into the keyboard. The keyboards used to test this attack in the research were products by Microsoft, Lenovo and Dell.

Remote & Inside Cyber Attacks
Dr. Nir Nissim explained: “Malboard was effective in two scenarios: by a remote attacker using wireless communication to communicate, and by an inside attacker or employee who physically operates and uses Malboard.”

New Methods of Detection
The cyber-attack and new detection mechanisms were developed as part of Nitzan Farhi’s master’s thesis. Farhi is a BGU student and member of the USBEAT project at BGU’s Malware Lab, and explained: 

“Our proposed detection modules are trusted and secured, based on information that can be measured from side-channel resources, in addition to data transmission. 

“These include the keyboard’s power consumption; the keystrokes’ sound; and) the user’s behaviour associated with his or her ability to respond to typographical errors.”

SciTechEuropa

You Might Also Read:

How Companies Can Minimise Cyber Attack Damage:

Cybersecurity: The Human Dynamic:

 

 

 

« GDPR Is Now 1-Year Old
30% Of Business Leaders Would Pay Ransom »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CERTuy

CERTuy

CERTuy is the national Computer Emergency Response Team for Uruguay.

Samsung Knox

Samsung Knox

Samsung Knox brings multi-layered defence-grade security to your business’s smartphones and tablets.

Lepide

Lepide

LepideAuditor is a powerful Data Security Platform that enables you to reduce risk, prevent data breaches and prove regulatory compliance.

S4x Events

S4x Events

S4x are the most advanced and largest ICS cyber security events in the world.

BullGuard

BullGuard

BullGuard is an award-winning cybersecurity company focused on providing the consumer and small business markets with the confidence to use the internet in absolute safety.

Kaspersky Industrial CyberSecurity (KICS)

Kaspersky Industrial CyberSecurity (KICS)

Kaspersky addresses all the cybersecurity needs of industrial organizations in its Kaspersky Industrial CyberSecurity (KICS) portfolio.

Avertium

Avertium

Avertium is the managed security and consulting provider that companies turn to when they want more than check-the-box cybersecurity.

UnderDefense

UnderDefense

UnderDefense provides cyber resiliency consulting and technology-enabled services to anticipate, manage and defend against cyber threats.

AgileBlue (Agile1)

AgileBlue (Agile1)

AgileBlue (formerly Agile1) is a managed breach detection company with an Autonomous SOC-as-a-Service for 24×7 monitoring, detection and guided response.

RedHunt Labs

RedHunt Labs

RedHunt Labs is a premier Cybersecurity Solutions provider, offering Attack Surface Management solution 'NVADR' and Penetration Testing services.

ZINAD IT

ZINAD IT

ZINAD is an information security company offering state-of-the-art cybersecurity awareness products, solutions and services.

IONOS

IONOS

IONOS is a leading provider of cloud infrastructure, cloud services, and hosting with more than 8.5 million customers contracts.

Metmox

Metmox

Metmox mission is to be trusted advisor and partner to protect our customer’s evolving Cloud, Network, Application, IT infrastructure and cybersecurity needs.

Orbis Cyber Security

Orbis Cyber Security

Orbis is one of the leading cybersecurity company in USA. Our cybersecurity specialist defends your data, combat threat, and modernize your compliance.

Neeve

Neeve

Neeve is an edge cloud platform transforming smart buildings and spaces, making them more secure, smarter, and more sustainable.

Aprio

Aprio

Aprio is a premier business advisory and accounting firm. We deliver advisory, tax, managed, and private client services to build value, drive growth, manage risk, and protect wealth.