A serious security weakness discovered in the WPA2 wireless networking protocol likely affects every device that supports Wi-Fi, according to one of the researchers who discovered the vulnerability.
The weakness could enable a so-called “KRACK” (Key Reinstallation AttaCK) attack on the four-way cryptographic handshake used to establish connections over WPA2. By launching such an attack, a hacker could cause a previously used cryptographic key to be reinstalled and then access all the data sent and received by a wireless device.
What’s more, an attacker could also use that wireless access to inject malicious data, such as ransomware, into the traffic streaming to an affected device.
While there’s no indication yet that the vulnerability has been exploited in the wild, the Wi-Fi Alliance said it is urging device vendors to integrate patches quickly. When those patches become available, users should immediately update their wireless devices to reduce their risk of being hacked.
‘Works against All Modern Wi-Fi Networks’
In a proof-of-concept paper released today and scheduled to be presented at a security conference next month, Catholic University of Leuven researchers Mathy Vanhoef and Frank Piessens described how flaws in Wi-Fi security protocols could be exploited by tricking a targeted wireless device into reinstalling a cryptographic key that’s already in use. That reinstallation breaks the handshakes used to establish a secure connection and could allow an attacker to replay, decrypt, and forge data sent wirelessly to and from the victim’s device.
“[A]ttackers can use this novel attack technique to read information that was previously assumed to be safely encrypted,” Vanhoef noted on the Key Reinstallation Attacks Web site he launched to describe how KRACK works. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks.”…