74380
All devices that support Wi-Fi are most likely affected and users may want to be wary of using Wi-Fi at all until patches are widely rolled out
Economy, Sci & Tech

KRACK Hack Kills Wi-Fi Privacy

One more vulnerability that is now affecting practically everyone and everything that uses Wi-Fi was revealed on Monday, allowing hackers to decrypt and potentially look at everything people are doing online.
Researcher Mathy Vanhoef, from Belgian university KU Leuven, released information on his hack, dubbing it KRACK, for Key Reinstallation Attack, Forbes reported.
Vanhoef’s description of the bug on his KRACK website is startling: “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”
The vulnerability affects a core encryption protocol, Wi-Fi Protected Access 2 (WPA2), relied on by most Wi-Fi users to keep their web use hidden and secret from others.
More specifically, the KRACK attack sees a hacker trick a victim into reinstalling an already-in-use key. Every key should be unique and not re-usable, but a flaw in WPA2 means a hacker can tweak and replay the “handshakes” carried out between Wi-Fi routers and devices connecting to them; during those handshakes, encryption keys made up of algorithmically-generated, one-time-use random numbers are created. It turns out that in WPA2, it is possible for an attacker to manipulate the handshakes so that the keys can be reused and messages silently intercepted. The researchers say the attack was particularly severe for Android and Linux users.
As for how widespread the issue was, it appears almost any device that uses Wi-Fi is affected. “The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others are all affected by some variant of the attacks,” explained Vanhoef.
For that reason, users may want to be wary of using Wi-Fi at all until patches are widely rolled out. For now, it looks as if some manufacturers are pushing out updates, which should go some way to preventing attacks. Note that devices such as laptops and smartphones will require updates as well as routers.
Remote attacks are not possible with this hack alone. In the most likely attack scenario, the hacker would have to directly connect to the Wi-Fi access point, and so would need to be within physical proximity to the device (possibly up to a few hundred meters away depending on whether they had access to antennas to extend their reach).

Short URL : https://goo.gl/caQyGh
  1. https://goo.gl/BV9TNL
  • https://goo.gl/dx2pbf
  • https://goo.gl/CDdpX2
  • https://goo.gl/URPCJj
  • https://goo.gl/peMh78

You can also read ...

Stadler Rail’s business with Iran is worth billions of Swiss francs.
In early March, the Swiss Embassy in Tehran gladly announced a...
Iran to Increase Exports to US Despite Sanctions
A senior Iranian trade official has announced that the country...
Grab Clinches Deal With HSBC
Ride-hailing startup Grab has secured a $370 million five-year...
Trends in Housing Sales, Rents
The Statistical Center of Iran has presented crucial data...
Gov’t Limits  Forex Supply  to Importers
The government has curbed the allocation of foreign currency...
Iran Proposes to Set Up IMO Offices in West Asia
The Ports and Maritime Organization of Iran has announced its...
Audi CEO Arrested Over Diesel Scandal
Audi CEO Rupert Stadler was arrested in Munich on Monday in...
Over 2.55 billion shares worth $169.2 million were traded at TSE on June 18.
Tehran stocks showed no signs of backing down on their rally,...

Add new comment

Read our comment policy before posting your viewpoints

Trending

Googleplus