• Home
  • Laptops
  • Laptops News
  • Wi Fi WPA2 Security Vulnerable to KRACK Attacks: Nearly All Wi Fi Devices on the Planet Vulnerable

Wi-Fi WPA2 Security Vulnerable to KRACK Attacks: Nearly All Wi-Fi Devices on the Planet Vulnerable

Wi-Fi WPA2 Security Vulnerable to KRACK Attacks: Nearly All Wi-Fi Devices on the Planet Vulnerable
Highlights
  • WPA2 security protocol has reportedly been compromised
  • The WPA2 vulnerabilities will be detailed at 5:30pm IST
  • Anyone near your router could eavesdrop on Wi-Fi traffic, say researchers
Advertisement

Security researchers claim to have found high-severity vulnerabilities in WPA2 (Wi-Fi Protected Access II), a popular security protocol used by nearly every Wi-Fi device on the planet. The vulnerabilities could potentially allow anyone near your router to eavesdrop on the Wi-Fi traffic being sent through it.

Details have been revealed on a dedicated site called krackattacks.com, named after the proof-of-concept attack called KRACK (Key Reinstallation Attacks). A total of 10 vulnerabilities have been identified, and were discovered by researcher Mathy Vanhoef of imec-DistriNet, KU Leuven.

"If your device supports Wi-Fi, it is most likely affected," Vanhoef writes on the website.

"Concretely, attackers can use this novel [KRACK] attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks," he adds.

All Wi-Fi Devices Vulnerable to KRACK Attacks: Your 10-Point Cheatsheet In Simple English

The attack essentially targets Wi-Fi clients using WPA2 (nearly every Wi-Fi device out there), and compromises the encryption protocol used for communicating with the router. After this, "any data or information that the victim transmits can be decrypted", Vanhoef notes, adding that event HTTPS communication have been bypassed in the past, so it may not be safe either.

He adds that the "attack is exceptionally devastating against Linux and Android 6.0 or higher", though devices running Apple's mobile and desktop operating system, Windows, OpenBSD etc. are all vulnerable. Note that to protect yourself against attacks, it's Wi-Fi clients like laptops, smartphones, smart home devices, and the likes, will need to install security updates.

"Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates," Vanhoef notes.

The vulnerabilities have been assigned Common Vulnerabilities and Exposures (CVE) identifiers, specifically: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086,CVE-2017-13087, and CVE-2017-13088. Further details of these vulnerabilities can be found on the aforementioned website, or the National Vulnerability Database of the US Department of Commerce’s NIST website.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Xiaomi's Diwali With Mi Sale Offers: Deals, Discounts on Redmi Note 4, Mi Max 2, Redmi 4, and More
Apple Pay With Wallet Apps Integration Could Soon Launch in India: Report
Share on Facebook Gadgets360 Twitter Share Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Follow Us

Advertisement

© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »