Wi-Fi Devices Vulnerable to KRACK Attacks: Your 10-Point Cheatsheet

WiFi users are at risk due to a vulnerability which allows hackers to create malicious networks, decrypt data and even inject malware onto devices.

To exploit the vulnerability, a cybercriminal would have to launch a man-in-the-middle (MitM) attack against a WPA2-protected Wi-Fi network from within physical range of the target device.

While some websites and apps may use HTTPS as an additional layer of protection, it can still be bypassed by a hacker.

"During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks", he continued. This version of the wpa_supplicant clears the encryption key from memory once it is installed the first time allowing the researchers to insert an all-zero encryption key which, in turn, allows traffic to be easily intercepted with this known key. This means all devices that use Wi-Fi networks need updating to protect against attack. "This issue can be resolved through straightforward software updates, and the Wi-Fi industry, including major platform providers, has already started deploying patches to Wi-Fi users". In more unsafe cases, hackers might be able to "take over" your Wi-Fi connection and add malware to otherwise safe sites, Mashable explained. Bleeping Computer posted a list of available patches and pledged to update it as new fixes appear.


Google has also "promised a fix for affected devices 'in the coming weeks, '" The Verge added. For this sort of an attack to be mounted on your Wi-Fi network, a hacker has to be within the range of the network-this can not be remotely.

Moving forward, at the very least you should get ready to update your router's firmware, as it's possible your manufacturer will have a patch in the very near future.

Luckily, the WPA2 flaw doesn't affect secure websites, so your personal information should be safe if you limit your internet surfing to these sites. The WPA2 system is a system which secures the Wi-Fi connection between a router and a computer. While changing the password of your Wi-Fi network does not prevent or mitigate the attack, it's never a bad idea to change the Wi-Fi password, Vanhoef said. "Users can expect all their Wi-Fi devices, whether patched or unpatched, to continue working well together", the statement said.


Popular

CONNECT