Tip Us Hey you, we are hiring! Join us if you are an author, developer or designer!

WiFi connections open to hackers: Researchers

18 October 2017 6

A team of Belgian researchers have discovered a new vulnerability in the WiFi network, which allows attackers to eavesdrop Wi-Fi traffic passing between computers and access points. Nearly 41% of all Android connections are vulnerable to the WiFi attack, according to the report.

The exploit is known as KRACK, or Key Reinstallation Attacks, and allows data being sent over WiFi network by interrupting the third step in a four-way “handshake” that creates a key for encrypted data. The vulnerability found in WPA2 is similar to that of earlier security standards like WEP and is believed to be one of the “biggest online security threats ever.”

The United States Computer Emergency Readiness Team contacted about 100 organizations ahead of the official announcement of the vulnerability.

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.

The details about the vulnerability will be released soon. Security researchers suggest that users who are concerned about the security of their connection should avoid using Wi-Fi entirely for now. The report states that people should use “HTTPS, STARTTLS, Secure Shell, and other reliable protocols” for encryption for now.

The vulnerabilities will be presented on November 1st in a talk titled “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2” at a security conference in Dallas.


6

comments

WiFi connections open to hackers: Researchers
Write a comment...
Reblove

Thanks so much to Donald Jackson for helping me hack into my husband phone so i could see what he is up to and i was able to catch him red handed, now i am out and a lot happier credit goes to earlier mention hacker for a good job. If you are also interested in any hack job you can contact him via his mail – (donarldjacksoncyberhost@gmail.com) Tell him Rebecca refer you

Derrick09

It is easy to fall prey to incompetent hackers, but after reading this, i hope you do not ever have to be a victim of hackers who are not able to complete the job given to them. I was once a victim but not anymore and this is because i have found the best hacker ever and i wish to let you know that Hackmart is the best you can ever think of and he always deliver and he his reliable… contact hackmart242 @gmail.com Visit w ww. hackmart. org to learn more about their terms.

AshleyBravo

But as a security measure, it's a right call from the security people to say don't use your Wi-Fi connection. But in which part of the country is this threat active? Belgian researchers are doing the study.

RickyHudson

OMG... this is the biggest ever online threat? That's terrible to read. This means, it's more difficult to handle than malware or any similar threat.

Apple

Apple Watch Series 8, Watch SE launch with temperature sensor, crash detection

Apple

Apple Watch Ultra is Apple's biggest, most feature rich smartwatch yet

Apple

iPhone 14, 14 Plus debut with old A15 chip, satellite SOS messaging,

Apple

iPhone 14 Pro, Pro Max launch with new notch design, 48MP camera, and more