Connecting to a free Wi-Fi may compromise your privacy, its not always safe..
A key flaw in the WPA2 WiFi encryption protocol that allows hackers to intercept your credit card numbers, passwords, and sensitive information. The flaw called Key Reinstalled Attack or Krack Attacks is found in the WiFi standard.
All the devices using WPA2 encrypted WiFi networks are vulnerable to the attacks. WiFi networks record the MAC address of connected devices, these MAC addresses can easily be carbon copied to impersonate the mobile devices. Any device connected to a router using WIFi can be exploited using the vulnerability found in WPA2 encryption.
The report published by the security researcher, Marthy Vahoef, and Frank Piessens talks about these serious vulnerabilities found in WPA2 protocol. Faking the MAC address and forcing it to connect to the fake WiFi network is an easiest to cause 'man in the middle' attacks. If the device tries connecting to the original network, the hacker can even force to bypass it and re-connect it to the rogue one.
WPA2 key encrypts each block of the WPA2 password, the Krack attack forces certain implementations of these blocks to reuse the same key combination multiple times. The devastating problem lies in the encryption of the WiFi network, which further expands the damage to the flaw to all devices connected to the network.
While there are no reports of the flaw being exploited currently, the security flaw can be exploited on a larger scale to cause a mass attack. The vulnerability can be exploited to even inject and manipulate data. It is not advisable to switch to the insecure WEP protocol as a fix. You should wait until your devices are patched with the security fix.
Comments
Post a Comment