A team of researchers from the University of Liverpool School of Electrical Engineering, Electronics and Computer Science have designed a computer virus that was able to infect and spread across Wi-Fi networks like a contagious disease. The virus titled Chameleon worked in the following manner. First, it detected a list of access points that were inadequately secured. Next it tried to bypass any encryption security and the administrative interface on the access point. After storing the system settings it replaced the original firmware of the access point with the virus loaded firmware. Lastly it reloaded the previously stored system settings of the access point. Once it had taken control of the access point it was able to keep a track on the network traffic passing through it and was able to collect sensitive data like user credentials. The troubling fact with the Chameleon virus is that it never detected by any malware detection software since it never interfered with any data travelling through it.
While the aforementioned characteristics of Chameleon might seem frightening it’s the next part of the virus that makes it a dangerous threat. Once the Chameleon virus had taken control over the victim’s access point it was then able to seek out other vulnerable access points within the vicinity and was able to attack them without any human input. The virus was clever enough to avoid any heavily secured access points and was able to spot out the weaker ones. The team says that in a densely populated area with lots of Wi-Fi networks the virus spreads like a contagious disease like common cold. They tested this theory by simulating two densely networked urban environments like Belfast and London where the virus could propagate through unsecured networks like the ones you find in coffee shops.
BBC reports that the team is keeping details of Chameleon under wraps to avoid any real life incidents and their main objective behind this experiment was to obtain a proof of concept and create a software that is able to fend off this threat. If you seek to know more about this research feel free to go through the university website and have a look at their findings on the EURASIP Journal on Information Security.