Malboard Exploit Mimics A User’s Keystrokes

An ingenious new exploit called Malboard has been developed by Israeli researchers. By emulating user keyboard behaviour, Malboard is capable of evading several current attack detection products which are designed to continuously verify the identity of the user based on personalised keystroke characteristics.

Dr. Nir Nissim, head of the David and Janet Polak Family Malware Lab at Ben Gurion University, said: “In the study, 30 people performed three different keystroke tests against three existing detection mechanisms including KeyTrac, TypingDNA and DuckHunt. Our attack evaded detection in 83% to 100% of the cases.”

Mimic Personalised Keystrokes 
In this cyber-attack, a compromised USB keyboard automatically generates and sends malicious keystrokes which mimic the attacked user’s personalised keystroke characteristics. Usually, maliciously generated keystrokes do not match human typing, so they are easily detected. However, Malboard uses artificial intelligence to generate commands autonomously in the style of the user, injecting the keystrokes as malicious software into the keyboard. The keyboards used to test this attack in the research were products by Microsoft, Lenovo and Dell.
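The timing check that catches ordinary injected keystrokes can be sketched as follows. This is an added example, not code from the researchers or from KeyTrac, TypingDNA or DuckHunt; the profile format, function names, thresholds and sample timestamps are all assumptions constructed for illustration.

```python
from math import sqrt
from statistics import mean, stdev

def intervals(key_down_ms):
    """Inter-keystroke gaps (ms) from a list of key-down timestamps."""
    return [b - a for a, b in zip(key_down_ms, key_down_ms[1:])]

def build_profile(enrolment_sessions):
    """Hypothetical per-user profile: mean and spread of typing gaps."""
    gaps = [g for session in enrolment_sessions for g in intervals(session)]
    return {"mean": mean(gaps), "stdev": stdev(gaps)}

def score_session(profile, key_down_ms, z_limit=3.0, min_spread=0.3):
    """Return the reasons a session's timing does not look like the user.

    z_limit and min_spread are illustrative thresholds, not values taken
    from any of the products named in the article.
    """
    gaps = intervals(key_down_ms)
    if len(gaps) < 5:
        return ["insufficient-data"]
    reasons = []
    # Is the session's average gap plausible for this user?
    std_err = profile["stdev"] / sqrt(len(gaps))
    if abs(mean(gaps) - profile["mean"]) / std_err > z_limit:
        reasons.append("speed-mismatch")
    # Human typing jitters; near-constant gaps indicate generated input.
    if stdev(gaps) < min_spread * profile["stdev"]:
        reasons.append("too-regular")
    return reasons

# Constructed sample data (key-down timestamps in milliseconds).
ENROLMENT = [
    [0, 180, 400, 550, 810, 1010, 1180, 1420],
    [0, 210, 400, 630, 790, 1040, 1220, 1420],
]
HUMAN = [0, 190, 420, 590, 800, 1050, 1210, 1410, 1630]
SCRIPTED = [i * 8 for i in range(9)]       # fixed 8 ms gaps
EVEN_PACED = [i * 200 for i in range(9)]   # user's speed, no jitter

if __name__ == "__main__":
    profile = build_profile(ENROLMENT)
    for name, session in [("human", HUMAN), ("scripted", SCRIPTED),
                          ("even-paced", EVEN_PACED)]:
        print(name, score_session(profile, session) or "consistent")
```

A check of this kind only sees timing, so input that reproduces the enrolled timing profile scores as consistent, which is why the researchers' proposed detection modules draw on side-channel measurements instead.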

Remote & Inside Cyber Attacks
Dr. Nir Nissim explained: “Malboard was effective in two scenarios: by a remote attacker using wireless communication to communicate, and by an inside attacker or employee who physically operates and uses Malboard.”

New Methods of Detection
The cyber-attack and new detection mechanisms were developed as part of Nitzan Farhi’s master’s thesis. Farhi is a BGU student and member of the USBEAT project at BGU’s Malware Lab, and explained: 

“Our proposed detection modules are trusted and secured, based on information that can be measured from side-channel resources, in addition to data transmission. 

“These include the keyboard’s power consumption; the keystrokes’ sound; and the user’s behaviour associated with his or her ability to respond to typographical errors.”

SciTechEuropa
