KRACK is a critical vulnerability in the most popular WPA2 security protocol, affecting almost every device with Wi-Fi
A group of researchers on cybersecurity has discovered a critical vulnerability in the Wi-Fi Protected Access II protocol (WPA2), which encrypts the connection of the vast majority of modern wireless Wi-Fi networks. With its help, attackers can not only listen to traffic from all devices connected to Wi-Fi (laptops, tablets, smartphones), but also to introduce malicious code into the pages of sites that they visit.
The set of vulnerabilities was named KRACK (Key Reinstallation Attack).
The United States Computer Emergency Readiness Team (US-CERT), which informs government agencies and private organizations about cyberthreats, confirmed the seriousness of the threat:
"US-CERT has learned about several key vulnerabilities in the four-way handshake algorithm, which is part of the WPA2 security protocol.
The impact of these vulnerabilities includes decryption, interception of packets, theft of TCP connections, the introduction of HTTP content and not only. The problem concerns most or all implementations of the standard, "the organization said in a statement.
Since the problem is contained in the WPA2 protocol itself, it affects "almost every device with Wi-Fi", the researchers say. That is, all devices with wireless Wi-Fi support regardless of the software platform (Android, iOS, Windows, etc.) fall into the risk zone. At the same time, there are some versions of Linux in the highest risk zone, and for devices running Android version 6.0 and below, the vulnerability is "extremely destructive". When attacking other platforms, it is more difficult to decrypt all data packets, but nevertheless, attackers can get the most information. True, it is worth considering that this attack is limited to the area of the Wi-Fi network.
Demonstration of an attack on a smartphone running Android
The group of researchers could not find any evidence that this vulnerability was ever used by hackers. They also noted that they warned producers and sellers of equipment about the problem in July 2017. At the end of August, the US-CERT organization also sent out warnings. As Ars Technica notes, approximately 100 companies received warnings. Aruba and Ubiquiti, who sell access points to large corporations and government organizations, have already released an update to remove vulnerabilities under code names: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE -2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088. Of course, a simple password change in this case is not enough to prevent the possibility of an attack. Researchers advise to make sure that the router uses the latest firmware version, and update all user devices to the latest firmware version.
Microsoft has already said that they have already fixed a vulnerability in Windows. Google said that it is aware of the problem and that in the coming weeks will issue fixes for all vulnerable devices. However, the question immediately arises as to how quickly these updates will get (and will they receive at all) owners of devices that do not belong to the Pixel and Nexus families.
In the coming weeks and months, updates are expected for a number of other access points and devices.
In the meantime, worried users are advised to avoid using Wi-Fi prior to the release of the patch or to use additional data encryption protocols such as HTTPS, STARTTLS and Secure Shell. You can also consider using VPN as an additional security measure, but you have to be especially careful, since many of them can not guarantee a secure connection.
Simultaneously with the coverage of the problem, a special site called krackattacks.com was launched and a repository on GitHub devoted to the vulnerability was created.
More details about the vulnerabilities researchers will tell during a report on November 1 at a conference on cybersecurity in Dallas.
Source: The Verge, Ars Technica and TJ
This post received a 28% upvote from @morwhale team thanks to @kobusu! For more information, click here! , TeamMorocco! . this is @originalworks . steem @steemprice BTC
$5594.25 USD/BTC
Volume: 54226.02 BTC ($303353791.83 USD)
Last Updated Tue Oct 17 21:39:17 2017
Thank you for giving the useful information!
@alchemage has voted on behalf of @minnowpond. If you would like to recieve upvotes from minnowponds team on all your posts, simply FOLLOW @minnowpond.
As a follower of @followforupvotes this post has been randomly selected and upvoted! Enjoy your upvote and have a great day!
img credz: pixabay.com
Nice, you got a 14.0% @welcomebot upgoat, thanks to @kobusu
Want a boost? Minnowbooster's got your back!
The @OriginalWorks bot has determined this post by @kobusu to be original material and upvoted it!
To call @OriginalWorks, simply reply to any post with @originalworks or !originalworks in your message!
For more information, Click Here!
Special thanks to @reggaemuffin for being a supporter! Vote him as a witness to help make Steemit a better place!
This post has received a 3.13 % upvote from @drotto thanks to: @kobusu.
Thanks for sharing @kobusu... Love it.
Congratulations! This post has been upvoted from the communal account, @minnowsupport, by kobusu from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, theprophet0, someguy123, neoxian, followbtcnews/crimsonclad, and netuoso. The goal is to help Steemit grow by supporting Minnows and creating a social network. Please find us in the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.
Hi @kobusu,
Congrats! Your post is featured on The Daily Qurator 39. I hope you like it
Your quality curator,
Dr. TLK :)
Yes i do laik thanks mr. Qurator =)
Happy to hear that. You are welcome :)