Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

Advertisement

×

Message

EU e-Privacy Directive

This website uses cookies to manage authentication, navigation, and other functions. By using our website, you agree that we can place these types of cookies on your device.

You have declined cookies. This decision can be reversed.

'All modern WiFi networks' are now vulnerable to hackers, millions of Android devices at risk

Written by  Oct 15, 2017

"Any device that uses WiFi is likely vulnerable," the security expert warned – a shocking assertion as so much of modern technology relies on the networks.

He said any information previously thought to be encrypted is currently at risk, adding that the technique – branded Key Reinstallation Attack, or "Krack" – is able to bypass the security of devices running Android, Linux, Windows, MediaTek, OSX and more.

Vanhoef wrote: "The attack works against all modern protected Wi-Fi networks.

"Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites."

The Krack attack – which needs attackers to be in close range of a target – takes advantage of WPA2's "4-way handshake" system which devices joining a network use to communicate securely.

To prevent the attack, users must update all affected products as soon as security updates become available – but in some cases this may take weeks.

The attack is "exceptionally devastating" against Linux and Android 6.0, the researcher found.

Vanhoef said that it was "trivial" to intercept Android data and that 41% of devices running the OS are at risk to one variant of his key reinstallation attack.

According to Google statistics, released in May this year, there are now more than two billion monthly active Android devices in use around the world.

Changing your WiFi network password will do nothing to stop the attack, the research said.

Android devices are vulnerable to attack iStock

Instead, Vanhoef said all individual devices should be updated when patches emerge. Additionally, the firmware of routers will need to be urgently updated when possible.

Some vendors with vulnerable products have known about the issue since mid-July this year. Meanwhile US CERT, a division of Homeland Security, sent out an advisory to some of the impacted firms on 28 August 2017.

Older hardware may never receive updates.

Experts do not know if the bug is being actively exploited by hackers.

The WiFi Alliance, a US body which oversees security of devices using the protocol, said the issues should be able to be resolved with "straightforward software updates."

Alex Hudson, a security researcher, said on his website that the only answer for some Android devices was to switch off the WiFi function completely.

He wrote: "There are plenty of nasty attacks people will be able to do this.

"They may be able to disrupt existing communications. They may be able to pretend to be other nodes on the network. This could be really bad."

He continued: "You can think of this a little bit like your firewall being defeated. WiFi encryption mainly functions to keep other devices from talking on your network (the security otherwise has been a bit suspect for a while).

"If that no longer works, it makes the devices on your network a lot more vulnerable – attackers in proximity will now be able to talk to them."

More on the WiFi flaw is set to be revealed on 1 November 2017 during the Black Hat Europe conference. The full research paper has now been made available for download.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Red Hot Deals at Amazon

Latest News

European ICOs have raised $637 million this year but still behind the US

Nov 22, 2017 22

European ICOs have raised $637 million this year but still behind the US

Europe has raised $637 million through initial coin offerings (ICOs) this year, which lags behind amounts raised in No...

  1. Popular
  2. Trending
  3. Comments

Checkout The Deals

Calendar

« November 2017 »
Mon Tue Wed Thu Fri Sat Sun
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30      

Apple Mac Tips

apple mac tips