Mouse motion simulators may be a cyberthreat vector targeting remote employees and their employers, Kaspersky experts warned in a press statement circulated on Nov 11.
Although these simulators may seem harmless and convenient at first, they may come from unknown sources and vendors and pose a serious threat to device security, potentially compromising the data of both the employees and the organisation they work for.
Also known as mouse jigglers, the malicious version of mouse simulators are designed to create the impression that someone is working on the computer, preventing it from going into sleep mode and keeping the status indicators in corporate messengers online.
Throughout 2024, there were three billion local threats detected and blocked by Kaspersky globally, of which 493 million were in Asia1 – these include malware that is spread via removable USB drives, CDs and DVDs, or that initially makes way onto the computer even through non-open files (for example, programs in complex installers, encrypted files, etc.).
“Mouse simulators could become an entry point for cybercriminals who can use them to gain access to confidential information or disrupt the operation of corporate digital systems,” warns Marc Rivero, Lead Security Researcher at Kaspersky, a global cybersecurity and digital privacy company founded in 1997 that has serviced over 200,000 corporate clients.
“Users should be mindful about connecting unknown USB devices to their corporate computers, and businesses should organise regular cybersecurity training courses for employees so that they are aware of potential threats. It’s also of vital importance to have reliable endpoint protection on corporate devices that can detect and neutralise suspicious activity. These measures will help protect the
company from possible attacks and maintain data security,” added Rivero.
To block local threats, including those transferred through USB devices, businesses should use security solutions services that provide real-time protection from online and offline threats for organisations of any size and industry, assess employees’ digital literacy to minimise human-error-induced cyber risk by offering comprehensive cyber training accordingly.
Individuals, on the other hand, should control and scan all the connected devices to prevent malware from accessing the computer, and ensure that any USB accessories are products of certified and trusted brands.
- These detects come from Kaspersky’s main line of B2B and B2C solutions. ↩︎
