0

I was given a mouse by someone who now i realized would want to hack me. It is the Microsoft basic optical mouse v2.0. Can this mouse be modified to inject spyware and malware onto my laptop?

schroeder
  • 125,553
  • 55
  • 289
  • 326
Ashley
  • 1
  • Ever heard about the Rubber Ducky? Ninja cable? USB attacks are definitely possible. – Kate Dec 15 '22 at 20:26

3 Answers3

0

The USB protocol allows to emulate mass storage which you then need to run from manually in order to get hacked, so it's unlikely you could have missed it.

But even without a built-in ROM this mouse could possibly send all your mouse actions via radio channels which is enough to infer a lot of information about you.

Another avenue is a vulnerable USB stack in your operating system but if you keep your software up to date it's highly unlikely you could have been hacked this way.

AFAIK USB4/Thunderbolt is a whole different affair as it can function as a PCI-E device with full DMA control over your system (meaning full read access to your RAM without your OS knowing anything about that) but USB4/Thunderbolt devices are still relatively rare and Intel claims modern operating systems have safeguards against this.

Artem S. Tashkinov
  • 2,217
  • 6
  • 17
  • Would they be able to see what i type on the keyboard? I read on the internet and this website that macros can be overwritten to contain scripts or payloads. Would they have been able to do this to the mouse using their own device and then given to me to infect my device? – Ashley Dec 15 '22 at 18:24
  • It depends on whether or not you've installed any software which the mouse pushed on you. If you only installed the edrivers from Windows Updates, it's very unlikely you've been hacked. – Artem S. Tashkinov Dec 15 '22 at 18:41
  • The mouse didn't push me to install any software. It just plugs in and works. So fingers crossed i should be safe right? – Ashley Dec 15 '22 at 19:00
  • That's correct. – Artem S. Tashkinov Dec 15 '22 at 19:28
0

Yes, it is possible!

A full up custom device that looks like a Basic Optical Mouse would require a fair amount of technical resources and money.

A more Do It Yourself approach might use something like The O.MG Adapter either embedded in the mouse, if there is room, or permanently attached in-line on the cable. It runs around $200 and still requires some significant technical expertise. Only you can decide how likely that is in your circumstances.

user10216038
  • 7,933
  • 2
  • 16
  • 20
0

Can this mouse be modified to inject spyware and malware onto my laptop?

In principle, yes, USB can be used to infect your computer with malware. See for example rubber ducky, juice jacking and ninja cable (as mentioned in Kate's comment).

If I were you, I wouldn't expose my computer to any risk by using a mouse given to me by a person that wants to harm me. I would ditch the mouse and buy a new one, just to be on the safe side.

Spyros
  • 1,451
  • 1
  • 14