![WPA2 Wi-Fi Security Cracked [Video]](/images/news/62903/303272/303272-64.png "WPA2 Wi-Fi Security Cracked [Video]")
Security researcher Mathy Vanhoef has cracked WPA2, the security protocol used to protect most modern Wi-Fi networks.
Using key reinstallation attacks (KRACKs), attackers can use Vanhoef's technique to read information that was previously assumed to be safely encrypted and steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks.
Vanhoef notes that the attack is not limited to recovering login credentials. Any data or information being transmitted can be decrypted. Additionally, its also possible to decrypt data sent towards the victim. Even if a website is using HTTPS, he warns that the extra layer of protection can be bypassed in a 'worrying number of situations'.
Since submitting the paper for review on May 19, 2017, Vanhoef has found easier techniques to carry out the key reinstallation attack against the 4-way handshake.
With our novel attack technique, it is now trivial to exploit implementations that only accept encrypted retransmissions of message 3 of the 4-way handshake. In particular this means that attacking macOS and OpenBSD is significantly easier than discussed in the paper.
To prevent this type of attack, your devices will need to be updated. Changing the password of your Wi-Fi network does not prevent (or mitigate) the attack; rather, make sure all your devices are updated and update the firmware of your router.
Take a look at the video below for a demonstration of the attack. You can also hit the link below for a detailed look at how the attack works.
Read More
Using key reinstallation attacks (KRACKs), attackers can use Vanhoef's technique to read information that was previously assumed to be safely encrypted and steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks.
Vanhoef notes that the attack is not limited to recovering login credentials. Any data or information being transmitted can be decrypted. Additionally, its also possible to decrypt data sent towards the victim. Even if a website is using HTTPS, he warns that the extra layer of protection can be bypassed in a 'worrying number of situations'.
Since submitting the paper for review on May 19, 2017, Vanhoef has found easier techniques to carry out the key reinstallation attack against the 4-way handshake.
With our novel attack technique, it is now trivial to exploit implementations that only accept encrypted retransmissions of message 3 of the 4-way handshake. In particular this means that attacking macOS and OpenBSD is significantly easier than discussed in the paper.
To prevent this type of attack, your devices will need to be updated. Changing the password of your Wi-Fi network does not prevent (or mitigate) the attack; rather, make sure all your devices are updated and update the firmware of your router.
Take a look at the video below for a demonstration of the attack. You can also hit the link below for a detailed look at how the attack works.
Read More
![iPhone 17 Pro in 'Hermès Orange' Drives Sales Rebound in China [Report]](/images/news/99883/99883/99883-160.jpg "iPhone 17 Pro in 'Hermès Orange' Drives Sales Rebound in China [Report]")
![Original AirTag Drops to All-Time Low Price of $17 [Deal]](/images/news/99856/99856/99856-160.jpg "Original AirTag Drops to All-Time Low Price of $17 [Deal]")
![iPad Air (M3) Drops to Lowest Price of the Year at $489.99 [Deal]](/images/news/99843/99843/99843-160.jpg "iPad Air (M3) Drops to Lowest Price of the Year at $489.99 [Deal]")
![Beats Powerbeats Pro 2 Drop to $199.95 [Deal]](/images/news/99815/99815/99815-160.jpg "Beats Powerbeats Pro 2 Drop to $199.95 [Deal]")
![Apple Watch Series 11 Drops Back to All-Time Low of $299 [Deal]](/images/news/99283/99283/99283-160.jpg "Apple Watch Series 11 Drops Back to All-Time Low of $299 [Deal]")
![Apple AirPods 4 With Active Noise Cancellation Drop to $119 [Deal]](/images/news/99794/99794/99794-160.jpg "Apple AirPods 4 With Active Noise Cancellation Drop to $119 [Deal]")
