
My understanding is that it allows an attacker connected to it via WiFi to mess with the plugged-in computer using USB (pretending to be a keyboard).

See the Twitter video: https://mg.lol/blog/omg-cable/



A secretly-IoT keyboard that shares your key presses and may "type" malicious stuff when you're not looking at it; the OS wouldn't be able to tell it's not you doing the typing. Not scary at all, no sir.
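One host-side signal a defender does have, as an added example that is not from this thread: injected keystrokes arrive with inter-key gaps no human sustains. The thresholds, the event format and the constructed key log below are all assumptions.

```python
"""Flag keystroke bursts too fast for a human, a signal for HID injection.
Constructed example for the thread above; thresholds are assumptions."""
from dataclasses import dataclass
from typing import List, Tuple

@dataclass(frozen=True)
class KeyEvent:
    t: float   # timestamp in seconds (monotonic clock)
    key: str   # printable char or symbolic name such as "GUI" or "ENTER"

# Assumed thresholds: injectors commonly emit keys a few ms apart, while even a
# fast human rarely sustains inter-key gaps below ~40 ms for many keys in a row.
MAX_INTERVAL = 0.025   # max gap (s) between keys still counted as "too fast"
MIN_BURST = 8          # consecutive too-fast keys needed before we alert

def find_bursts(events: List[KeyEvent], max_interval: float = MAX_INTERVAL,
                min_burst: int = MIN_BURST) -> List[Tuple[int, int]]:
    """Return (start, end) index pairs of runs whose gaps are all <= max_interval."""
    bursts = []
    start = 0
    for i in range(1, len(events) + 1):
        contiguous = i < len(events) and events[i].t - events[i - 1].t <= max_interval
        if not contiguous:
            if i - start >= min_burst:
                bursts.append((start, i - 1))
            start = i
    return bursts

def render(events: List[KeyEvent], start: int, end: int) -> str:
    """Reconstruct what a burst typed, so an analyst can see it."""
    return "".join(e.key if len(e.key) == 1 else f"<{e.key}>" for e in events[start:end + 1])

def analyse(events: List[KeyEvent]) -> List[Tuple[int, int, str]]:
    return [(s, e, render(events, s, e)) for s, e in find_bursts(events)]

def constructed_log() -> List[KeyEvent]:
    """Constructed: a human types 'hello', pauses, then a device injects a run-dialog sequence."""
    evs, t = [], 0.0
    for ch in "hello":                      # human speed: ~120 ms gaps
        evs.append(KeyEvent(t, ch)); t += 0.12
    t += 2.0                                # pause, then 4 ms gaps from the injector
    for k in ["GUI", "r", "ENTER"] + list("echo burst-test") + ["ENTER"]:
        evs.append(KeyEvent(t, k)); t += 0.004
    return evs

if __name__ == "__main__":
    for s, e, text in analyse(constructed_log()):
        print(f"suspicious burst, events {s}-{e}: {text}")
```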


It can't read your keypresses (I think)


So long as it can simulate them, installing a keylogger that can read them too is a matter of a few seconds (to "type" a PowerShell script that will download and execute the desired payload).


It can't (unless it's the keyboard cable).


HID is usually accepted by systems, and hence a wireless mouse and keyboard can be pretended.

A Windows hack may be: the “mouse” would move to the leftmost bottom corner, then click. Type search terms like Cmd<r>. Then, if it can get hold of the window one is in ...

Any better idea?


<windows-key>R brings up a run dialog with the focus already in the text box waiting for a command. No mouse needed.


Keyboard shortcuts.


I took GP to be speculating about a hypothetical secretly-IoT-keyboard, not the cable being discussed. Similar thoughts are explored in the comments on TFA.


Yes. I assumed it would be straightforward after you figure out how to hide wifi inside a USB cable.


Unless the attacker is able to view the screen somehow then this is pretty useless. Or at least no more useful than fake keyboards without WiFi.


PrintScreen/Upload screenshot to web server/Wait for command

Better than that is to just type a PowerShell script that gets all the info immediately and sends it to a server.


You can do all of that without WiFi. How is an attacker with no vision of the screen any more useful than a script that can auto type a command to get remote access?


A script that can autotype a command to get remote access needs to be able to communicate over your network, and it can be detected or blocked by your network security infrastructure.

A device like this packages its own covert communications channel together with the exploit dropper; it provides an entry point to your network (and exfiltration channel) that bypasses all your filtering, logging, scanning, etc.


It's more useful precisely because there's nothing running and no remote access on the OS. Traceless. Norton ain't catch that.


That's the same as regular fake keyboard USBs. The WiFi has no advantage here.


The 'ESPloit v2' [1] appears on USB as both a keyboard and a serial port, and any data sent on the serial port can be exfiltrated by the ESP8266 over its own wifi connection.

You can also imagine a loop where first you install a keyboard logger and exfiltrate the user's password, then later you want to update the exploit scripts to make use of the password. Or hell, maybe this is a prank product and having a wireless button to rickroll your victim on demand makes you laugh.

With that said, the first person to make a fake USB keyboard had a much bigger and more exciting trick than this incremental change.

[1] https://github.com/exploitagency/ESPloitV2

Edit: Or to put it another way, this is like the NSA's "Cottonmouth" bug, which "will provide air-gap bridging, software persistence capability, 'in-field' re-programmability, and covert communications with a host software implant over USB" [2] but 10 years later and without charging a million dollars for 50 units.

[2] https://en.wikipedia.org/wiki/NSA_ANT_catalog#/media/File:NS...


It gets uglier if the person who wrote this added an underclocker.

https://hackaday.com/2019/01/04/underclocking-the-esp8266-le...

Long story short, underclocking the ESP12 compresses the RF envelope for 2.4GHz. It also means the RF energy is in what looks like 1/3 of a normal 2.4GHz channel.

The awesome side effect is that this device's SSID is completely hidden from regular 2.4GHz radios. You need another ESP12 with the same underclock ratio... and then need the SSID (if hidden), and the password.

You'd be able to find it using an ADALM-PLUTO. It'd stick out like a sore thumb, but it still wouldn't make sense what's going on unless you build a decode stack in GNU Radio.



