Can my mouse have virus and infect other machines?

Question

This is my mouse. I used it with my old computer which was full of viruses.

If I use this mouse for my new PC, can my new computer be infected from my mouse?

Answer 1

USB devices as a rule, in principle, can carry viruses. But that doesn't mean that all USB devices are capable of carrying viruses, it just means that if you don't know where the device came from, then it you shouldn't plug it into your computer even if it doesn't look like a device that could transmit a virus.

That said, most mice (presumably including this one) don't contain any writable memory. So the mouse can't be modified by an infected computer. So if the mouse wasn't dangerous to begin with, then plugging it into a dangerous computer generally can't make it a dangerous mouse.

---

Interestingly, this particular mouse is unusual in that it does actually have some amount of memory in the form of programmable macros, actually stored on-device. This makes the device slightly more suspect -- a malicious piece of software could theoretically overwrite your macros. How that might translate into subversive behavior is anyone's guess, but for run-of-the-mill malware infections, transmission by way of this particular macro function is quite unlikely, if for no other reason than because this mouse is not very common.

There's some chatter about the possibility of overwriting the mouse's firmware so as to persist an attack. Flashing firmware was the basis for the Bad USB attack class. But this requires that the firmware be user-flashable. For most mice there's nothing to worry about. Adding a firmware modification feature to the USB connection is expensive and uncommon. But if you expect to see such a feature anywhere, it would be on overly complicated and expensive peripherals targeted at gamers.

The anatomy of such an attack would be, almost certainly, to emulate a keyboard and inject a script of keystrokes when you're not looking -- see the USB Rubber Ducky for how this works.

Answer 2

According to my post here, the memory of a mouse is too small to store a virus (plus, it is a read only memory). So in practice it is very difficult to get a mouse infected.

But still there have been a few cases where a mouse was used as an attack vector to infect not only one computer but a whole network thanks to the firmware contained within it that is automatically launched when the mouse is plugged to a computer. (Netragard’s Hacker Interface Device (HID))

Answer 3

The mouse you have linked contains a macro function, it could be used for malicious purposes, but a specific set of programmed inputs would need to be configured for a very specific attack on your environment, additionally the 6 buttons would need to be mapped to inputs as well.

The biggest risk would be any software that you install with the mouse which allows you to configure your mouse key mappings and programme the macros.

Although unlikely it not unheard for commercially available products to come packed with software that has secondary functions that you may not be aware of and could be considered malicious. The software itself could also contain vulnerabilities, that could be exploitable.

The real risks with any mice, keyboards or any other human interface device (HID) are the associated vectors which may be left exposed.

For example HID USB ports are typically left open, especially for a mouse and keyboard, even on assests that have USB interfaces locked down. These interfaces can be used with commercially avaliable products like the USB Rubber Ducky for malicious purposes. Additionally modified mice like Netragard USB project can also be used to attack a system.

Intermediary hardware devices could also be used to capture mouse inputs.

Additional vectors such as sniffing any radio communications on wireless mice and keyboards is also possible, but would require special hardware within close proximity.

Then there is the old spy movie stuff, mice tampered with to place trackers, microphones, loggers, etc, inside them. How much this has a place in reality I don't know, regardless the risk associated with it for most people is very low.

These are generic to all mice though and not just the one you linked to.

TLDR; Your mouse has a low risk of being used maliciously. Mice in general could be used to deliver malicious payloads, but the biggest risks with them is the associated attack vectors which may be exposed. Although the risk attached is low and typically physical access is required.

Answer 4

Tl;Dr; Can it? Absolutely. Will it? Probably not.

Can it contain a virus? Yes. That mouse, like most USB device, has a micro-controller in it. That micro-controller has non-volatile memory. It is likely that that non-volatile memory is writeable (for firmware updates, out of laziness by the designer, it was the cheapest part available that met requirements).

Could it be infected? Yes. Any software that has access to the driver can write to that memory, its likely the software running on the mouse itself would need to be reverse engineered but that would not be that hard.

Could it infect another computer? Yes. The firmware can easily upload a virus for example, it could also so something much more simple, like sending keyboard presses to the target computer.

Is it likely that it's infected? No. All of the above steps are very hard and therefore expensive. No one does hard and expensive work without expecting to earn value. There are two types of hackers, one those that want to make money, they will not attack mice as there are much easier and more profitable attack methods, two "goverment" agencies (think NSA), they want to either collect huge amounts of information (think phone data) or target specific organizations (think stuxnet), that mouse is not common enough for the former or specific enough for the latter.

Answer 5

This mouse will not probably act as a medium for transferring any data or infection unless its bugged with a separate device.
Why?
According to the product specifications:

512k in-store memory which macro function can use in different computers

This shows the presence of a storage location of size 512kb, pretty enough for having some infection dropper stored, but not for a very sophisticated one.(Probably directly user accessible memory?)
By new PC, assuming it has everything up-to-date and patched, will be secure also. While this device is connected and the drive is being accessed, surely the security program will scan the 'in-store' memory, which results in detection of infection traces and cleaning it. Well, it depends on the security software installed. That's the case if the memory location is accessible by user/system.

Now, if the memory is not user accessible, ie only the accompanying software has the right to access the memory to manipulate the key mapping data stored in there, probably it only has the right to modify or manipulate the data.
Suppose the infections from the previous system managed to store a dropper in the on-board memory, there must be some actor to trigger the infection to be launched. Since only the companion software can access the memory space, and if it accidentally accessed the dropper, it would not know how to use it and will throw an error.

The narrow case is, the dropper has specially crafted macro codes(used by the mouse software) and the software accessed it and tried to make changes according to the macro, you may be infected if those specially crafted macro codes can exploit the software and run commands (vb-scripts, for example). (Still the heuristic behavior shield of security software may catch that)

Usually programmable mouse and pointing devices have a separate tool/software to change the functions of various buttons, which must be installed on the machine in which you need to have the intended changes. Same is the case here, but with an on-board storage to reduce the inconvenience of remapping keys while migrating the device.

Macro functions: Macro functions are commands or key combinations being executed by a single button press. Useful for repetitive tasks.