You need to update your Logitech wireless dongle to avoid falling victim to MouseJack hacking
If the word MouseJack seems familiar, it's because it as been around for a while. It is a remote access hack that emerged a few years back that took advantage of a vulnerability in some Logitech wireless dongles, as well as hardware from other manufacturers.
Being at least three years old, you would expect that patches would have been addressed -- and they were. But a large number of devices are still at risk because Logitech failed to recall the affect units that were on sale so there's a chance that if you bought a Logitech wireless keyboard, mouse or standalone dongle in the last few years, you could be at risk.
Using the MouseJack exploit, it is possible for a hacker to do a number of things, including sending keystrokes to a vulnerable machine and forcing the pairing of new devices without the need for the dongle to be in pairing mode.
Of course, once the problem was discovered, Logitech started to release updated dongles to the market that were secured against the vulnerability. But this still left a huge number of devices for sale that were problematic. Even mice bought recently could still pose a risk.
Speaking to the Verge, Logitech explains:
Logitech evaluated the risk to businesses and to consumers, and did not initiate a recall of products or components already in the market and supply chain. We made the firmware update available to any customers that were particularly concerned, and implemented changes in products produced later.
Logitech released a fix quite some time ago, but it's entirely possible that you have not installed it as you need to look for it yourself. If you head to the Logitech website you'll find firmware updates for the Mac and Windows versions of the Unifying receiver, as well as a separate firmware update for the G900 gaming mouse.
Image credit: MiNe (sfmine79) / Flickr