If you’re in the office, look around. Do you see a lone phone charger plugged into a wall port somewhere? Yes? Well, it may not be left behind by your colleague, but by a malicious hacker.
This phone charger may look innocent, but it was actually designed to be much more. Named the KeySweeper, it is actually a device capable of sniffing out and decrypting anything typed out on a Windows wireless keyboard in the vicinity. That means that any messages you send to your friends or family, or passwords typed in to your email, will immediately be recorded by the device and stored online.
If your hacker is looking for specific keywords or phrases, you typing it out will trigger an SMS signal to your hacker and send the next few things that are typed out. For example, if the keyphrase is “www.gmail.com”, it will send the next few phrases typed, which would probably be your username and password. This allows them to easily slip into any system they want, which is potentially dangerous for any company you work in.
The logs are also stored in the device itself, which can be extracted with a hardwired USB, or by putting a second KeySweeper device nearby (even if it is on the other side of the same wall).
When it is plugged into a wall port — as most phone chargers usually are — it will get power directly from the port. However, what makes matters worse is that even when it’s unplugged, it still has an operational battery within it that will allow it to keep recording even if it is sitting innocently on the desk.
This device was built by one Samy Kamkar, who also created a virus that basically took over MySpace back in the day, and recently even built a hacking necklace. While Microsoft is saying that it only affects keyboards manufactured before 2011, Samy told TechCrunch that the keyboards that could be affected are still being manufactured and sold today.
The good news? The device isn’t actually for sale. Apparently.
Nonetheless, if you see a lone phone charger hanging around, even if it isn’t plugged in, grab it and throw it out. Keep it far away from you.
And if your colleague starts wondering where his phone charger went? Well, you only did it in self-defense anyway.