WPA2 is the most common wireless encryption protocol used around world was hacked by a new method called KRACK attack (Key Reinstallation Attack). Most of the modern devices uses WPA2 WiFi protocol to secure the network.
We all access WiFi networks through a WiFi router/WiFi HotSpot from a friend’s mobile or from your broadband or other wireless internet connections. All those WiFi networks are protected by WPA2 encryption, a recent information shows that the researchers had found a severe vulnerability which causes hackers to gain access to your network and steal sensitive information such as plain text/messages which are served through http. This new method of attack is called KRACK Attack. It allows to decipher your WiFi password and intercept the internet traffic within the physical range of your network.
KRACK Attack (Key Reinstalltion Attack)
A security expert, Mathy Vanhoef from KU Leuven University at Belgium, had discovered this new serious weaknesses in WPA2. An attacker within range of a victim can exploit these weaknesses using Key Reinstallation Attack (KRACK). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. This newly discovered vulnerability also also attacker to do injections such as scripts into website, redirecting to malicious websites.
A website called krackattacks.com describes the vulnerability and demonstration of WPA2 attack made by Mathy Vanhoef. Mathy’s research paper behind the attack is titled as “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2” and will be presented at the Computer and Communications Security (CCS) conference on 1st November 2017.
I found a MitM attack against OpenBSD: A logical vulnerability in the WPA1/WPA2 protocol implementation. https://t.co/o88hHICaPf
— Mathy Vanhoef (@vanhoefm) March 1, 2017
Demonstration of KRACK Attack in WPA2 WiFi network
How to Prevent KRACK Attack ?
Currently you can’t prevent this attack, but for now you can do the following things to stay safe.
- Use a VPN (Virtual Private Network) to keep sensitive data safe.
- Prefer HTTPS over HTTP.
- Don’t use public WiFi networks unless it’s necessary.
- Don’t visit or download softwares from unknown websites.
As soon as your wireless device manufacturers release a security patch, update your device with latest firmware. As soon we know more about this, we will update this post.
Well WPA2 WiFi (WiFi Protected Acces II) is thirteen years old, maybe it’s time to upgrade to newer security protocol. So what do you think about this new security issue, Share your thoughts and experiences with us.