Beware...Wifi Network with WPA2 is compromised!
This attack is known as KRACK (Key Reinstallation Attacks).The attack is discovered by Mathy Vanhoef and Frank Piessens of imec-DistriNet, KU Leuven university of Belgium.
An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs).
In addition to sniffing the traffic , it is also possible to inject and manipulate the data thereby inserting malware. The attack works against all modern protected Wi-Fi networks.
As the weaknesses are in the Wi-Fi standard itself and not in individual products or its implementations and therefore even the device with correct WPA2 implementation may get affected.
During initial research, the researchers observed that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks.
Also the researchers suggested that about 41 percent of Android devices are vulnerable to an “exceptionally devastating” version of the attack.
Microsoft has provided patch for the affected products and it is suggested to update your system.Also Apple said "Apple confirmed it has a fix in beta for iOS, MacOS, WatchOS and TVOS, and will be rolling it out in a software update in a few weeks." as per media reports. Many major vendors will be coming up with the updates sooner than later, that includes google.
To prevent the attack, users must update affected products (wireless clients and )as soon as security updates become available.As a better solution at this moment is to use LAN rather than Wifi and also avoid using Wifi in public places till the devices are patched.
An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs).
In addition to sniffing the traffic , it is also possible to inject and manipulate the data thereby inserting malware. The attack works against all modern protected Wi-Fi networks.
As the weaknesses are in the Wi-Fi standard itself and not in individual products or its implementations and therefore even the device with correct WPA2 implementation may get affected.
During initial research, the researchers observed that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks.
Also the researchers suggested that about 41 percent of Android devices are vulnerable to an “exceptionally devastating” version of the attack.
Microsoft has provided patch for the affected products and it is suggested to update your system.Also Apple said "Apple confirmed it has a fix in beta for iOS, MacOS, WatchOS and TVOS, and will be rolling it out in a software update in a few weeks." as per media reports. Many major vendors will be coming up with the updates sooner than later, that includes google.
To prevent the attack, users must update affected products (wireless clients and )as soon as security updates become available.As a better solution at this moment is to use LAN rather than Wifi and also avoid using Wifi in public places till the devices are patched.
0
