The Story of a Hacked Keyboard

the story of a hacked keyboard

Sprite_TM of has come up with a great idea. He purchased the Coolermaster Quickfire Rapid-I keyboard -sort of a Lamborghini among keyboards that features individual LEDs for each key, as well as a 72MHz ARM Cortex-M3 CPU, 127KB of flash memory and 32KB of RAM. This may seem like it’s not much, but for a keyboard, this is quite incredible.

Sprite showed the keyboard to his friend one day, who remarked: “You’ve had this keyboard for 24 hours now, and it has a bunch of LEDs and some arrow keys. I’m disappointed you haven’t got Snake running on it yet.”

This was the necessary call to action Sprite needed. He tried dumping the flash, but failed. Then, he realized that Coolermaster is actively upgrading the firmware and adding new features/improvements. He used those files to figure out which part was the firmware.

Now all he needed was some place to store the snake code and RAM to run it. This turned out to be rather easy as there is 64KB of unused flash space and 28KB of unused RAM. As you can see in the video below, the snake actually looks very playable:

What’s more, however, is that there is a possibility of loading malware onto the keyboards, especially with firmware that is upgradable from a computer. We know that changing the firmware of USB devices is already a reality (BadUSB, NetHunter). Coupled with a relatively powerful ARM CPU, this could mean some real trouble.