With these apps you wrote on the PC from Android; now you are in danger

smartphone malware

Surely we have ever found that, when we go to write with our keyboard on the computer, it does not work, or some keys have stopped working. When this problem occurs we have two options, either connect another keyboard, if we have one, or activate the virtual keyboard to continue working with the PC, or take advantage of a device that we all have, such as an Android mobile, and turn it into a wireless keyboard perfect for getting out of trouble. However, if we have, it may not have been a good idea.

A security researcher has detected a serious security problem in three of the most popular applications that allowed us to turn our mobile into a wireless keyboard (and mouse): PC Keyboard, Lazy Mouse and Telepad, both in their free and paid versions. Between the three, these apps add more than 2 million installations.

Serious failures that put you in danger

This security researcher found serious security flaws that allow remote code to be executed on the PC being controlled, and can even send malware from mobile phones to computers. Immediately afterwards, he tried to contact the developers to inform them of the finding, but since last October he has not received a response, so, finally, he has decided to make the information public.

The security flaws in question that users who have installed these apps face are:

  • Telepad: a 9.8 bug that allows an attacker to send instructions to the PC to execute unauthorized code and commands. Another bug, from hazard 5.1, that allows capturing keystrokes with a MITM attack.
  • computer keyboard: the same two bugs as in Telepad, which makes us think that both apps are clones.
  • Lazy Mouse: two failures of dangerousness 9.8, and one of 5.1. The first two allow you to connect to the PC remotely without password or authentication and execute remote code on the system, and the second to manipulate traffic to capture all keystrokes.

At the moment there is no evidence that these apps have been used to attack their users and their information has been put in danger. However, it is true that the security breach is real, and that they are projects that are no longer under active development, so if we are one of the more than 2 million users who have trusted these apps, we should think about delete them as soon as possible.

Better look for other wireless keyboards for Android

If you are looking for an app to turn your mobile into a wireless keyboard and mouse, instead of using the three previous applications, it is better to look for an alternative that is reliable and does not put us in danger. In the Play Store we can find several similar projects, some paid and others free, that fulfill the same function as the previous applications, yes, without putting ourselves in danger.

To avoid this type of problem, it is important to always look at the updates, to see if they have frequent maintenance and updates, in addition to carefully reviewing the comments of other users to see if they consider them to be good apps.