KRACK Attack: 41% of Android Devices Affected And Easy To Hack

Gladys Abbott
October 17, 2017

"US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol."

Discovered by KU Leuven researcher Mathy Vanhoef, the flaw is being referred to as "KRACK" - short for key reinstallation attack - and involves exploiting a design flaw in the four-way handshake used by the WPA2 wireless protocol, along with numerous other cryptographic protocols. Depending on the network configuration, it is also possible to inject and manipulate data as well as eavesdrop on communications.

Put plainly, a bug affectionately called KRACK (Key Reinstallation Attack) has put nearly every modern Wi-Fi-enabled device, and the content it sends, at risk of being decrypted by hackers.

The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations.

"Additionally, it's likely that you don't have too many protocols relying on WPA2 security". Researchers found that devices using Android, Linux, Apple, Windows, OpenBSD, MediaTek and Linksys were affected. The nonce is meant to prevent replay attacks, but in this case attackers are given the opportunity to replay, decrypt, or forge packets. The idea is that a specific key should not be used more than once, but an issue in WPA2 lets the victim be tricked into installing an already-used key.
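Why reinstalling an already-used key matters, as an added example that is not from the original article or from the researcher's code: a simplified client model in which installing a key resets the packet number (the nonce), so two frames get the same keystream. The `Client` class, the sample frames and the HMAC-based keystream (a stand-in for the AES counter mode used by WPA2) are all assumptions made for illustration.

```python
import hashlib
import hmac

P1 = b"GET /inbox HTTP/1.1"   # constructed sample frames, equal length
P2 = b"POST /login pw=abc!"

def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Toy per-packet keystream: HMAC-SHA256(key, nonce || block index).
    Stand-in for AES counter mode; not the real WPA2 cipher."""
    out, block = b"", 0
    while len(out) < length:
        msg = nonce.to_bytes(6, "big") + block.to_bytes(2, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Hypothetical client: installing a key resets the packet number."""
    def __init__(self, patched: bool):
        self.patched, self.key, self.pn = patched, None, 0

    def install_key(self, key: bytes) -> None:
        # Patched behaviour: ignore a reinstall of the key already in use.
        if self.patched and key == self.key:
            return
        self.key, self.pn = key, 0   # the nonce starts over

    def send(self, plaintext: bytes):
        self.pn += 1
        ks = keystream(self.key, self.pn, len(plaintext))
        return self.pn, xor(plaintext, ks)

def nonces_reused(patched: bool):
    """Send a frame, receive the key-install message again, send another.
    Returns (was the nonce reused?, XOR of the two ciphertexts)."""
    client = Client(patched)
    key = b"constructed-session-key"   # constructed sample value
    client.install_key(key)
    pn1, ct1 = client.send(P1)
    client.install_key(key)            # retransmitted handshake message
    pn2, ct2 = client.send(P2)
    return pn1 == pn2, xor(ct1, ct2)

if __name__ == "__main__":
    for patched in (False, True):
        reused, leak = nonces_reused(patched)
        print(patched, reused, leak == xor(P1, P2))
```

On the unpatched model the XOR of the two ciphertexts equals the XOR of the two plaintexts, so the key never has to be recovered for data to leak; on the patched model the nonces differ and that relation disappears.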

The Verge has reached out to a variety of Android phone makers to clarify when security patches will reach handsets, and we'll update you accordingly.


(Client to AP) OK, here's some one-time random data from me to use as well.

While he acknowledged that some of the attack scenarios discussed in his research are impractical to pull off, he said the bottom line is that you should still "update all your devices once security updates are available". Many vendors have already issued patches for the vulnerability and we highly recommend you download and install those updates. "Users can expect all their Wi-Fi devices, whether patched or unpatched, to continue working well together". When hackers find a network with the vulnerability, they make a clone of it that impersonates the MAC address but uses a different Wi-Fi channel.

The website krackattacks.com is now live and provides details on the recently disclosed WPA2 exploit proof-of-concept known as KRACK (Key Reinstallation Attack).

According to Google statistics, released in May this year, there are now more than two billion monthly active Android devices in use around the world. The Wi-Fi router and device generate one-time use encryption keys when they connect. Apple's macOS is vulnerable to nearly as many variants, but Windows is only affected by one version of KRACK. Android devices, on the other hand, are likely going to need some patching, and soon. "Additionally, it is possible to recover the authentication key, which in GCMP is used to protect both communication directions [as client or access point]...therefore, unlike with TKIP, an adversary can forge packets in both directions". Failing to do so with a wireless access point, for example, can quickly leave you with an expensive, oversized paperweight.

This padlock will appear on all HTTPS sites.
