Massive WiFi Flaw Affects All Connected Devices: ‘You Have To Wonder If It Was Corrupted On Purpose’
Mac Slavo
October 16th, 2017
SHTFplan.com
The security protocol used to protect the vast majority of WiFi connections has been broken. This will expose wireless internet traffic to malicious attack, according to the researcher who discovered this weakness.
It doesn’t bode well that the mainstream media is also ignoring this problem completely because it’s a very big deal. Anytime the mainstream media brushes something off, most start asking questions. Unfortunately, none of the answers we have so far to those questions are of comfort.
Considering every single cellphone now has WiFi in it and this major “weakness” could affect almost everyone. According to ARS Technica, researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting.
The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. The research has been a closely guarded secret for weeks ahead of a coordinated disclosure that was scheduled for 8am Monday, East Coast time. A website disclosing the vulnerability said it affects the core WPA2 protocol itself and is effective against devices running the Android, Linux, macOS, Windows, and OpenBSD operating systems, as well as MediaTek Linksys, and other types of devices. The site warned attackers can exploit it to decrypt a wealth of sensitive data that’s normally encrypted by the nearly ubiquitous Wi-Fi encryption protocol. –ARS Technica
“This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on,” researcher Mathy Vanhoef, of the Katholieke Universiteit Leuven in Belgium wrote. “The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”
Krack Attacks, the website, went on to warn that visiting only HTTPS-protected Web pages wasn’t automatically a remedy against the attack either. Since many improperly configured sites can be forced into dropping encrypted HTTPS traffic and instead of transmitting unencrypted HTTP data, this is not a safer option. An attacker can use a script known as SSLstrip to force a site like match.com (dating website) to downgrade a connection to HTTP. The attacker is then able to steal an account when the Android device logs in.
The Rest…HERE
