Using just the HIDFirmwareUpdaterTool, hacker “K. Chen has come up with a way to inject malicious code into the keyboard’s firmware.” Basically, the “firmware can sniff keystrokes to obtain your password and it can launch a bash shell connected to any remote IP address on any port.” Video after the break.

[via Engadget]