Most of the world woke up to some not so good news today when Mathy Vanhoef, a security researcher in the CS department at KU Leuven Belgium revealed how the Wi-Fi WPA2 security protocol has been cracked, allowing potential intruders to decrypt the contents sent between the router and the device. The report details how attackers can exploit this to gather personal information like credit card numbers, passwords, photos, and more.
The vulnerability that has been discovered by Mathy Vanhoef allows hackers to utilize the KRACK or key reinstallation attacks to gain access to data that is being transferred from a device through the Wi-Fi network, after data transmission has been decrypted. The attacker only needs to be in the range of the victim to be able to take advantage of this vulnerability. These attacks can be used to attack private as well as public Wi-Fi networks.
Here’s what Vanhoef had to say on how the “KRACK” attack works – “We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks […] Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks.”
“The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected […] If your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks.”
Vanhoef has created a proof of concept video to show how the ‘KRACK’ Wi-Fi vulnerabilities can be used to bypass WPA2 security protocol.
Using this complex hack attackers can intercept the signals and gain access to information like credit card numbers, account passwords, user’s personal data and more. However hacks can be prevented if the website data being transmitted to and from uses HTTPs. They can even manipulate data and insert viruses into devices that are connected to the affected network.
The vulnerability is found in the Wi-Fi standard, so it most likely affects all modern routers that are in use today. This also means that any device that uses Wi-Fi including your iPhone, iPad, Mac, Watch, bulb, toaster and the list goes on, can be affected by this vulnerability.
The good news is Apple and other companies can fix their platforms and devices with a software update and make them safe even when the Wi-Fi network they are connected to is compromised. Microsoft has already released a fix for this vulnerability in its latest update for Windows, and Google is expected to release one in the coming weeks. Apple shouldn’t be far behind as well.
Until a patch arrives it is advisable for users to avoid public Wi-Fi networks, use VPN and use Wired Ethernet connections when possible.
Update:
Apple has confirmed to Rene Ritchie of iMore that the ‘KRACK’ Wi-Fi vulnerability have been patched in iOS, tvOS, watchOS, and macOS betas that have been seeded to developers, and will be released to the public soon.