
Vulnerability in WPA2 Protocol Allows Attackers to Intercept and Decrypt Encrypted Data Traffic

October 17th, 2017 | Waqas | Security, Technology News

According to cyber-security researchers Frank Piessens and Mathy Vanhoef from Belgium’s Katholieke Universiteit Leuven, there is a dangerous flaw in the WPA2 protocol which can be exploited by cybercriminals to intercept emails, passwords and other kinds of encrypted data. However, this will be successful only if the attacker is within the range of the vulnerable device or access point.

An attacker can also inject malicious content such as ransomware into a website while a client is visiting it. The proof-of-concept of this exploit has been dubbed KRACK, short for Key Reinstallation Attacks. The findings of the research were disclosed on Monday, followed by an advisory from US-CERT that has been distributed to nearly 100 organizations. The advisory states:

“US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven will be publicly disclosing these vulnerabilities on 16 October 2017.”

The vulnerability affects the core WPA2 protocol. Devices running Linux, Android and OpenBSD are the most exposed to exploitation, while macOS, MediaTek, Linksys and Windows devices are also vulnerable to some extent.

According to Sean Gallagher, IT editor at Ars Technica, KRACK performs the attack by targeting the four-way handshake. The handshake is executed when a client joins a WPA2-protected network, since it confirms that both the client and the access point hold the correct credentials. KRACK, however, tricks a vulnerable client into reinstalling a key that is already in use, which forces the client to reset its packet numbers. Reinstalling the key resets the packet numbers, which serve as the cryptographic nonce, and other parameters to their initial values; KRACK forces this nonce reuse in such a way that the encryption is bypassed.
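The effect of a key reinstallation on the nonce, as an added toy model (not code from the researchers or the article): a SHA-256 counter keystream stands in for WPA2's real cipher, and the `Client`, `install_key` and `reused_pns` names are hypothetical. It compares an unpatched client, which resets its packet number when the in-use key is installed again, with a patched one that ignores the reinstallation, and includes a defender-side check for repeated packet numbers.

```python
import hashlib

def keystream(key: bytes, nonce: int, n: int) -> bytes:
    # Assumption: SHA-256 in counter mode as a stand-in for the real cipher,
    # used only so the example needs no third-party library.
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce.to_bytes(6, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Toy sender that keeps a per-key packet number (PN) used as the nonce."""
    def __init__(self, key: bytes, patched: bool):
        self.key, self.pn, self.patched = key, 0, patched

    def install_key(self, key: bytes) -> None:
        # Patched behaviour: ignore reinstallation of the key already in use.
        if self.patched and key == self.key:
            return
        self.key, self.pn = key, 0          # unpatched: PN goes back to its initial value

    def send(self, plaintext: bytes):
        self.pn += 1
        return self.pn, xor(plaintext, keystream(self.key, self.pn, len(plaintext)))

def reused_pns(frames):
    """Defender-side check: packet numbers seen more than once under one key."""
    seen, dup = set(), set()
    for pn, _ in frames:
        (dup if pn in seen else seen).add(pn)
    return sorted(dup)

def run(patched: bool):
    key = b"constructed-session-key"        # constructed sample value
    client = Client(key, patched)
    p1, p2 = b"GET /index.html ", b"password=hunter2"   # constructed plaintexts
    f1 = client.send(p1)
    client.install_key(key)                 # the already-in-use key is installed again
    f2 = client.send(p2)
    # When the nonce repeats, the keystream cancels: c1 XOR c2 == p1 XOR p2.
    leaks = xor(f1[1], f2[1]) == xor(p1, p2)
    return reused_pns([f1, f2]), leaks

if __name__ == "__main__":
    print("unpatched:", run(False))
    print("patched:  ", run(True))
```

A repeated packet number under the same key is the observable symptom; the patched client never produces one, so the two ciphertexts no longer reveal the XOR of their plaintexts.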

Vanhoef reveals that attackers can exploit this vulnerability to decrypt sensitive data including “credit card numbers, passwords, chat messages, emails, photos,” which are usually encrypted by the Wi-Fi encryption protocol. It is important to note that a majority of routers and devices nowadays rely on the WPA2 protocol to encrypt Wi-Fi traffic.

“The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites,” wrote Vanhoef.

Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse https://t.co/gFrtbou375 and see the paper at https://t.co/iloFCbE8Pv

— Mathy Vanhoef (@vanhoefm) October 16, 2017

However, the researcher noted that the attacker could intercept some of the traffic traveling between the device and the router. If the traffic is encrypted with HTTPS, then it cannot be intercepted by the attacker. In addition, cybercriminals cannot access your password through this traffic, and they can perform packet injection only with certain devices and only if they are within range of the Wi-Fi network.

To protect your devices, it is highly important to update all of your wireless devices, such as routers, laptops, phones and tablets, with the latest security patches, because updating them prevents the KRACK vulnerability. In particular, update your router’s firmware; if the router was provided by an ISP, contact them immediately to update their branded kit, or browse through their administration panel. The router manufacturers that have already released fixes for the WPA2 protocol include Aruba, Fortinet, Meraki, MikroTik, and Ubiquiti.

If your router hasn’t been fixed or a patch has not been released, switch to Ethernet and turn off all wireless functions until a patch is released. Also, disable the Wi-Fi option on your device to make sure that the traffic passes through the Ethernet cable, or use cellular data on your mobile phone if your device does not have an Ethernet port.

Remember that devices running Android 6.0 and later versions are far more vulnerable to this attack than other devices, primarily due to the faulty implementation of the handshake mechanism in their Wi-Fi stack. With a successful KRACK attack, the attacker can force the device to reinstall an all-zero encryption key instead of the original key.

Vanhoef states that visiting HTTPS-protected websites only is not an appropriate or productive solution to prevent KRACK because various improperly configured websites might be forced into transmitting unencrypted HTTP data.

“Although websites or apps may use HTTPS as an additional layer of protection, we warn that this extra protection can (still) be bypassed in a worrying number of situations. For example, HTTPS was previously bypassed in non-browser software, in Apple’s iOS and OS X, in Android apps again, in banking apps, and even in VPN apps,” noted Vanhoef.

The researcher has also assured that iOS and Windows-based devices are not vulnerable to severe attacks, while Linux and Android devices are most susceptible, since attackers can force network decryption on clients within mere seconds without much ado. In this regard, Vanhoef stated that clients could be patched even while connected to exploitable access points. Patches for Linux and Wi-Fi access points have already been developed, but it is not yet clear when they will be available for Android users.

When asked if the vulnerability would pave the way for a WPA3 standard, Vanhoef explained that implementations could be “patched in a backward-compatible manner,” which means that patched clients can communicate with an unpatched access point or vice versa.

The vulnerability was kept secret for weeks and finally became public on Monday, when it was officially disclosed on a GitHub page owned by Vanhoef and on another website, krackattacks.com. The vulnerability has been indexed as “CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088.”

Vanhoef and Piessens will be presenting the findings via the website krackattacks.com at the ACM Conference on Computer and Communications Security due to be held on November 1st in Dallas. Bleeping Computer has published a complete list of firmware and driver updates for KRACK vulnerability, which can be viewed here.
