
Wi-Fi security flaw affecting a billion devices



The vulnerability, dubbed Kr00k, lets hackers eavesdrop on user activity over Wi-Fi.

A serious vulnerability in Wi-Fi chips affecting a billion devices has been discovered by cyber-security firm ESET, which presented its findings at the RSA Conference 2020 on Wednesday.

“ESET researchers have discovered Kr00k (CVE-2019-15126), a previously unknown vulnerability in Wi-Fi chips used in many client devices, Wi-Fi access points and routers,” the firm said in an official statement.

The flaw, dubbed Kr00k by ESET, allows attackers to eavesdrop on user communications over Wi-Fi by disarming the encryption that protects traffic on a password-protected Wi-Fi network.

“Kr00k is a vulnerability that causes the network communication of an affected device to be encrypted with an all-zero encryption key. In a successful attack, this allows an adversary to decrypt wireless network packets,” it said.

“Kr00k manifests itself after Wi-Fi disassociations – which can happen naturally, for example due to a weak Wi-Fi signal, or may be manually triggered by an attacker. If an attack is successful, several kilobytes of potentially sensitive information can be exposed,” explained Miloš Čermák, the lead ESET researcher into the Kr00k vulnerability. “By repeatedly triggering disassociations, the attacker can capture a number of network packets with potentially sensitive data,” he adds.

Kr00k affects all devices with Broadcom and Cypress Wi-Fi chips that do not have a security patch. According to the firm's research, these are the most common Wi-Fi chips used in today's client devices.

ESET disclosed the flaw to these chip manufacturers, who then released security patches.
The firm is also working with the Industry Consortium for Advancement of Security on the Internet (ICASI) to ensure that all possibly affected parties, including affected device manufacturers using the vulnerable chips as well as other possibly affected chip manufacturers, are aware of Kr00k.

A few wireless routers by ASUS and Huawei were also vulnerable to the attack. The routers found vulnerable to the flaw were Asus RT-N12, Huawei B612S-25, Huawei EchoLife HG8245H and Huawei E5577Cs-321.

The research also explained how users can protect their devices against possible attacks that exploit this vulnerability.

“To protect yourself, as a user, make sure you have updated all your Wi-Fi-capable devices, including phones, tablets, laptops, IoT smart devices, and Wi-Fi access points and routers, to the latest firmware version,” said ESET researcher Robert Lipovský.

The complete list of devices tested in ESET’s lab is as follows:


• Amazon Echo 2nd gen
• Amazon Kindle 8th gen
• Apple iPad mini 2
• Apple iPhone 6, 6S, 8, XR
• Apple MacBook Air Retina 13-inch 2018
• Google Nexus 5
• Google Nexus 6
• Google Nexus 6S
• Raspberry Pi 3
• Samsung Galaxy S4 GT-I9505
• Samsung Galaxy S8
• Xiaomi Redmi 3S
