29.6 C
Mel K
LInux Guru and Technical Writer

KRACK vulnerability – Wi-Fi bug allowing hackers to steal data

Wi-Fi is most widely used the system for sharing files and enjoying internet service anywhere – home to office, corporate to business industries. With the help of a Wi-Fi router, the internet is shared to multiple devices at the same time. The router emits a radio signal as an access point and using the Wi-Fi adapters on your devices, you’re free to connect to the router and enjoy the internet without any wire. However, KRACK affects most of them. KRACK vulnerability is a serious issue now.

How Wi-Fi works

The wireless router emits data as radio signal all around, so anyone can intercept that. In order to make sure that only the correct user gets that, the router uses WPA2-PSK encryption system. Every single wireless client devices get unique encryption keys, thus securing the data.

Unfortunately, even the WPA2 encryption method comes up with a major bug, unknown for decades until Mathy Vanhoef of imec-DistriNet, KU Leuven discovered it. The vulnerability is known as KRACK (Key Reinstallation Attack). Using KRACK attack, a hacker is easily able to infiltrate the Wi-Fi access point and steal almost every single data – everything.

How this vulnerability works

Using a flaw in the Wi-Fi connection system. Wi-Fi router and devices use a method named “4-way handshake” to generate that unique encryption key for the specific client device. This method was thought to be secured. However, using simple mumbo jumbo, this key generation can be interrupted and the client device can be easily fooled to use a malicious access point instead of the original one and thus, all your info is stolen.

- Advertisement -

When interrupted, the 4-way handshake fixes a pre-determined encryption key for the specific device. Now, as all the data can be captured from the Wi-Fi AP range, hackers can easily figure out the encryption key. If the hacker is living your next door or staying nearby your location, every time you’ll use that device to connect to the Wi-Fi AP, all the data will be stolen, leaving literally no trace of interception.

According to the identifier of this vulnerability, Mathy Vanhoef, he demonstrated the intensity of this attack. In a video for demonstration purpose (not teaching how to use it), Mathy successfully intercepted an Android connection and was able to watch every single data pack exchanged with the internet. Horribly, when victimized, Mathy was able to collect the username and password inputted into a website! This is a serious issue that can give hackers ample opportunity to do anything!

Another KRACK fact is, changing your Wi-Fi router’s password won’t make any effect. This vulnerability isn’t about the password – it’s about the devices and software. The “4-way handshake” also contains additional 10 bugs. However, let’s not panic just yet. There’s a limitation what a hacker can and can’t do with the KRACK vulnerability. Here’s a list what hackers can do with KRACK bug.

What a hacker can & can’t do

  1. Look only unencrypted traffic. Some websites don’t use HTTPS or don’t implement HTTPS perfectly. Hackers will be able to grab that info.
  2. Hacker needs to stay nearby your Wi-Fi access point range all the time. It’ll take time for hackers to start using this vulnerability.

How to stay safe

That doesn’t mean that you’re still safe, but you’ve got time to get rid of it. KRACK currently is available for Android and Linux devices. Upgrade your Linux/Android to the latest version. Android fixes this bug on the “November 6, 2017” security patch level. If you’re an iOS user, upgrade to iOS 11.1 update. For your router, check out the latest firmware. Many router companies have fixed the issue, while others on the way. Some old router models haven’t maintained anymore, so it’s better to change the router.

If you use IoT devices, you need to think which ones to turn off. For example, a security camera without encryption will allow the hacker to get valuable footage of your daily works. Turn off such devices and get rid of them for the time being. Check out the vendor’s website if they’ve updated the firmware. You might need to purchase the latest hardware supporting the fix.

Another best way to stay secure is using HTTPS Everywhere browser extension. It encrypts almost all the browser data packet exchanges with the web and available for Chrome, Firefox, and Opera. We all are waiting for total protection against KRACK.

- Advertisement -
Everything Linux, A.I, IT News, DataOps, Open Source and more delivered right to you.
"The best Linux newsletter on the web"


Please enter your comment!
Please enter your name here

Latest article