Security researchers have discovered serious weaknesses and total breakdown in WPA2, a security protocol used to secure protected Wi-Fi networks. An attacker within range of a victim’s Wi-Fi device could exploit these weaknesses using key reinstallation attacks (KRACKs).
The vulnerabilities lie in the WPA2 protocol’s four-way handshake, which is used to confirm that both the client and access point possess the correct pre-shared password needed to join the network.
This attack could be used consequently to decrypt all data transmitted by the victim and steal sensitive information such as credit card numbers, passwords, chat messages, emails and photos. Depending on configuration, it is also possible for hackers to inject ransomware and manipulate data.
According to one of the researchers Mathy Vanhoef who discovered the attack, the vulnerabilities affect Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others.
However, Vanhoef said the key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher, which can be tricked into (re)installing an all-zero encryption key.
The researchers also include good FAQ’s about the attack and guidance from the Wi-Fi Alliance to help remedy the discovered vulnerabilities in the future.
Guidance will include a new vulnerability detection tool, vendor patch updates (as they are released) and communication of the importance to update Wi-Fi devices as soon as they are available.
Multiple industrial communications and networking vendors have products that are vulnerable to the recently disclosed KRACK Wi-Fi attack.
Many vendors have started to release patches, but others to include Cisco, Rockwell Automation and Sierra Wireless are still working on developing patches for affected products, SecurityWeek reports.
Some have workarounds for a few of the KRACK vulnerabilities.