Wi-Fi WPA2 Security Hacked – Your data Is No Longer Secure: When configuring a new Wi-Fi router, there is a WARNING that reads: “Choose a secure password and select the WPA2 protocol”, which lacks the vulnerabilities of older technologies like WEP. This is no more valid.
A set of severe flaws found in WPA2 makes the Wi-Fi networks scattered around the world unsafe. By exploiting the vulnerabilities, a hacker can hijack the traffic between the device and the router, gaining delicate information like passwords and bank data, or injecting malicious content into authentic sites, paving the way for malware spreading.
Like any significant security breach, it got a name: KRACK, an acronym for Key Reinstallation Attacks. The breakthroughs were discovered by security researcher Mathy Vanhoef
The target of the attack is not the router, but devices connected to a Wi-Fi network, and the most affected are those running Linux operating systems and Android 6.0 or higher. However, “the weaknesses are in the Wi-Fi standard, not in individual products or deployments. Therefore, any correct implementation of WPA2 will likely be affected, “says Vanhoef.
How does It work?
This four-minute video shows how you can intercept traffic from an Android device connected to a Wi-Fi network:
In the video, Vanhoef uses the Match.com dating site, which traffics information over a secure connection (HTTPS). When you block the network, you can force an insecure version of the page to appear. From there, any data is available to anyone who is spying on the network.
The detailed operation of KRACK is available on this page. For in-depth details make sure to visit the web page.
There nothing we can do right now to dodge the KRACK attack. As soon as we got the fix we will update this article. So, stay tuned.