Your Wi-Fi Is On KRACK! How To Detox And Rehab Your Devices Now.
Image your Wi-Fi signal being lured down a dark and seedy connection by a code that promises higher speeds and quick hits! This newly discovered vulnerability in WPA2, a fundamental security protocol meant to protect Wi-Fi networks, can invade ANY device that utilizes a wireless interface. The bug is known as KRACK, Key Reinstallation Attack, and works against all modern protected Wi-Fi networks. It allows hacker to inject ransomware or malware and can also provide hackers with sensitive personal information such as credit card numbers or PINs and passwords. But like obtaining a drug, the hacker-pusher must be within 2 – 8 miles of your Wi-Fi signal.
In a key reinstallation attack, the “pusher” tricks the user into reinstalling an already-in-use key. When the user reinstalls the key associated parameters such as incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset. The “pusher” can then manipulate this cryptographic handshake and exploit accordingly. Thus, the “pusher” has a line in the vein of your mobile device, laptop, or other Wi-Fi enabled device. And, consequently, can manipulate the device and extract information to their desired result. You’ve been hacked!
Now, before you turn off your Wi-Fi or sift through recent updates for a patch, the Wi-Fi Alliance a non-profit organization which certifies that Wi-Fi devices adhere to certain standards of interoperability and assures that Wi-Fi products from different vendors work well harmony, is on the case! The plan will help correct identified WPA2 weaknesses and provide a vulnerability protection tool for users to download. You can also employ other preventative measures yourself now such as not re-entering passwords or other highly sensitive data, and regularly updating Wi-Fi devices and router firmware. Here is a current list of patches that you can use today!
Big ups to a Belgian researcher for getting us hip to this trick. Post-doctoral researcher Mathy Vanhoef , first encountered the flaw while examining data for another paper! Unlike a drug dealer exposed by complex surveillance or crafty sting operations, he discovered KRACK quite by happenstance. He and other researchers went on to present their findings at the Computer and Communications Security (CSS) conference on November 1, 2017 and are at the forefront of creating solutions.
Remember KRACK, can infect any device using Wi-Fi and the hacker-pushers can manipulate their victims to perilous ends. So before your phone or bank account needs treatment, stay frosty and update all devices often!