All WiFi users open to malware attack through WPA2 glitch – study
Researchers have discovered a glaring vulnerability in WiFi Protected Access 2 (WPA2) – a core encryption protocol used by WiFi users to keep their web activity private.
"This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on,” Researcher Mathy Vanhoef from KU Leuven University in Belgium explained in the KRACK Attacks report. “The attack works against all modern protected Wi-Fi networks.”
An attacker in range of a target’s device can exploit weaknesses in WPA2 using key reinstallation attacks (KRACKs), which allows them to view data that’s meant to be encrypted.
As the weakness lies in WPA2 itself, all devices using WiFi are at risk. Researchers found devices using Android, Linux, Apple, Windows, OpenBSD, MediaTek and Linksys were affected.
Banking details, logins and credit card details are all at risk of being stolen, while the content of emails, chat messages, documents and images are exposed. In some cases, “an attacker might be able to inject ransomware or other malware into websites," Vanhoef explained.
Linux and Android 6.0 and above are at greater risk of having their data decrypted as they can be tricked into installing encryption keys. With other devices, it isn’t as easy to decrypt all packets sent, but a large number can still be exposed, researchers found.
How the vulnerability is used to infiltrate WiFi data
Hackers are able to search for a WiFi network and then clone it to trick users. This allows them to manipulate messages between the WiFi router and the device.
WPA2 uses a four-way ‘handshake’ encryption when a user wants to join a WiFi network. The WiFi router and device generate one-time use encryption keys when they connect. An encryption key is installed on the device and is then used to encrypt all traffic.
KRACK targets people by manipulating the handshake messages, tricking them into re-installing encryption keys that are already in use. Keys are meant to be unique and aren’t re-usable.
The device is then tricked into connecting with the malicious network, and the hacker is a “man in the middle” between the user and the real network.
They can then use data-capturing program, Wireshark, to capture the unencrypted data being sent from a device, successfully bypassing WPA2.
Researchers created a video example of how the vulnerability can be manipulated and what data can be viewed.
All WiFi users are advised to update their devices to the latest security update as soon as it’s available. While the vulnerability is a threat, hackers must be in the target’s WiFi range to carry out the attack.