03 November 2017
A team of Belgian researchers has discovered a new vulnerability in Wi-Fi networks that allows attackers to eavesdrop on Wi-Fi traffic passing between computers and access points. Nearly 41% of all Android connections are vulnerable to the Wi-Fi attack, according to the report.
The exploit is known as KRACK, short for Key Reinstallation Attacks, and exposes data being sent over a Wi-Fi network by interrupting the third step of the four-way “handshake” that creates a key for encrypting data. The vulnerability found in WPA2 is similar to that of earlier security standards like WEP and is believed to be one of the “biggest online security threats ever.”
The United States Computer Emergency Readiness Team contacted about 100 organizations ahead of the official announcement of the vulnerability.
US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.
The details about the vulnerability will be released soon. Security researchers suggest that users who are concerned about the security of their connection should avoid using Wi-Fi entirely for now. The report states that, in the meantime, people should use “HTTPS, STARTTLS, Secure Shell, and other reliable protocols” for encryption.
The vulnerabilities will be presented on November 1st in a talk titled “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2” at a security conference in Dallas.
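Why key reinstallation and nonce reuse matter, as an added example that is not from the original article or the researchers: a simplified Python model in which a client resets its packet nonce whenever handshake message 3 installs the key, beside a hardened client that ignores a repeat of the key it already holds. The `Supplicant` class, the SHA-256 keystream (a stand-in for WPA2's real cipher) and the sample plaintexts are constructed assumptions.

```python
import hashlib

def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Toy keystream from SHA-256(key || nonce || block); stand-in for the real cipher."""
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce.to_bytes(8, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Supplicant:
    """Hypothetical, simplified client side of the four-way handshake."""
    def __init__(self, hardened: bool):
        self.hardened = hardened
        self.key = None
        self.nonce = 0

    def on_message3(self, key: bytes) -> None:
        # Hardened behaviour: a repeated message 3 carrying the key that is
        # already installed must not reset the per-packet nonce counter.
        if self.hardened and key == self.key:
            return
        self.key = key
        self.nonce = 0  # fresh install starts the nonce over

    def send(self, plaintext: bytes):
        self.nonce += 1
        return self.nonce, xor(plaintext, keystream(self.key, self.nonce, len(plaintext)))

P1 = b"GET /inbox HTTP/1.1"  # constructed sample frames
P2 = b"GET /login HTTP/1.1"

def nonces_reused(hardened: bool):
    """Return (was the nonce reused?, ciphertext1 XOR ciphertext2)."""
    key = hashlib.sha256(b"constructed demo key").digest()
    client = Supplicant(hardened)
    client.on_message3(key)
    n1, c1 = client.send(P1)
    client.on_message3(key)  # message 3 arrives a second time
    n2, c2 = client.send(P2)
    return n1 == n2, xor(c1, c2)

if __name__ == "__main__":
    for hardened in (False, True):
        reused, diff = nonces_reused(hardened)
        print(f"hardened={hardened} nonce_reused={reused} leaks_p1^p2={diff == xor(P1, P2)}")
```

When the nonce repeats under the same key, the two ciphertexts XOR to the XOR of the two plaintexts, so the encryption key is no longer needed to learn about the traffic; the hardened client keeps counting and that relation does not hold.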