Information security researchers uncovered a new hardware vulnerability in the widely-used Wi-Fi chips manufactured by companies today ā apparently powering over a billion devices, including smartphones, tablets, laptops and routers.
The flaw, dubbed 'Kr00kā could let nearby remote attackers intercept and decrypt some wireless network information transmitted over-the-air by a vulnerable device.
Not only that, the attacker does not need to be connected to the victim's wireless network and the flaw will still work against vulnerable devices using WPA2-Personal or WPA2-Enterprise protocols.
As we previously reported about The Difference Between WEP, WPA, and WPA2 Wi-Fi protocols in another article,
Even if you know you need to secure your Wi-Fi network (and have already done so),
you probably find all the security protocols little bit confusing and you should read it in order to protect your network better.
Image placeholder - Original image not available
Now you might be wondering what the Kr00k attack then let attackers do?
First thing you should know, It doesn't let attackers know your Wi-Fi password, and also changing it wouldn't help you patch the issue.
It doesn't affect modern devices using WPA3 protocol, the latest Wi-Fi security standard. (Go read our article about Wi-Fi protocols).
A successful attack makes the connection to the encrypted Wi-Fi as same as what you'd have on an open Wi-Fi network. and because of that,
what sensitive information attackers can capture from a vulnerable device is endless.
Do you wish to protect your network from attackers or malicious actors? contact us now. and our Wi-Fi Penetration Testing team will contact you shortly.