Malboard Exploit Mimics A User’s Keystrokes

Uploaded on 2019-07-03 in TECHNOLOGY--Hackers, FREE TO VIEW

An  ingenious new exploit called Malboard has been developed by Israeli researchers. By emulationg user keyboard behaviour Malboard is capaable of evading several current attack detection products which are designed to continuously verify the identity of user based on personalised keystroke characteristics.

Dr. Nir Nissim, head of the David and Janet Polak Family Malware Lab at Ben Gurion University , said: “In the study, 30 people performed three different keystroke tests against three existing detection mechanisms including KeyTrac, TypingDNA and DuckHunt. “Our attack evaded detection in 83% to 100% of the cases.”

Mimic Personalised Keystrokes 
In this cyber-attack, a compromised USB keyboard automatically generates and sends malicious keystrokes which mimic the attacked user’s personalised keystroke characteristics. Usually maliciously generated keystrokes do not match human typing so they are easily detected. However, Malboard using artificial intelligence to generate commands autonomously and in the style of the user to inject the keystrokes as malicious software into the keyboard. The keyboards used to test this attack in the research were products by Microsoft, Lenovo and Dell.

Remote & Inside Cyber Attacks
Dr. Nir Nissim explained: “Malboard was effective in two scenarios: by a remote attacker using wireless communication to communicate, and by an inside attacker or employee who physically operates and uses Malboard.”

New Methods of Detection
The cyber-attack and new detection mechanisms were developed as part of Nitzan Farhi’s master’s thesis. Farhi is a BGU student and member of the USBEAT project at BGU’s Malware Lab, and explained: 

“Our proposed detection modules are trusted and secured, based on information that can be measured from side-channel resources, in addition to data transmission. 

“These include the keyboard’s power consumption; the keystrokes’ sound; and) the user’s behaviour associated with his or her ability to respond to typographical errors.”

SciTechEuropa

You Might Also Read:

How Companies Can Minimise Cyber Attack Damage:

Cybersecurity: The Human Dynamic:

 

 

 

« GDPR Is Now 1-Year Old
30% Of Business Leaders Would Pay Ransom »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Wind River

Wind River

Wind River delivers the technology and expertise that enables the deployment of safe, secure, and reliable intelligent connected systems.

Comarch

Comarch

Comarch is a provider of IT business solutions to optimize operational and business processes. Cyber security solutions are focused on Identity Management and Security Assessment services.

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER) - USA

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER) - USA

The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) addresses the emerging threats of tomorrow while protecting the reliable flow of energy to Americans today.

National Cyber Security Centre (NCSC) - Ireland

National Cyber Security Centre (NCSC) - Ireland

The National Cyber Security Centre (NCSC) is the operational side of the Department of Communications in regard to network and information security in the Republic of Ireland.

Cask Government Services

Cask Government Services

Cask Government Services focuses on program management, cybersecurity, logistics, business analysis and engineering services for Federal, State and Local Government.

Blockchain Solutions

Blockchain Solutions

Blockchain Solutions Limited is a technological One Stop Solution provider, for Blockchain technology.

Internetwork Defense (IND)

Internetwork Defense (IND)

Internetwork Defense is a premier provider of Information Security Training and Business Consulting Services in the Mid-Atlantic region.

KnectIQ

KnectIQ

Building Trust Environments in a Zero-Trust World. KnectIQ offers KIQAssure, an Ultra High Security Solution for Data in Flight.

Stanley Reid & Company (SRC)

Stanley Reid & Company (SRC)

Stanley Reid & Co is an Executive and Technical Search Firm serving the commercial market and the US Intelligence & Defense community. Our areas of expertise include Cybersecurity.

Quintillion Consulting

Quintillion Consulting

Quintillion Consulting is a strategic risk based consulting firm. We help companies safeguard the core business and IT capabilities that deliver competitive advantage.

Greenberg Traurig (GT)

Greenberg Traurig (GT)

Greenberg Traurig, LLP (GT) is a global law firm with offices in 40 locations in the United States, Latin America, Europe, Asia, and the Middle East.

TAV Technologies

TAV Technologies

TAV Technologies is a provider of technology services to the aviation industry in areas including airport infrastructure systems, digital transformation and cybersecurity.

eCloudvalley Digital Technology

eCloudvalley Digital Technology

eCloudvalley Digital Technology is a born-in-the-cloud partner focused entirely on AWS services across APAC region.

SecureLake

SecureLake

SecureLake (formerly Managni) is one of the most trusted US-based IT security and infrastructure companies.

SecuCenter

SecuCenter

Secucenter is a trusted partner for SOC services, offering security expertise in a cost-effective way.

Invisinet Technologies

Invisinet Technologies

Invisinet is a cybersecurity technology company specializing in innovative solutions that protect network infrastructure and critical assets from advanced threats.