Hello friends. Here you are about to find out something very important, and almost unbelievable, about the WiFi networks we use daily. What if someone told you that your WiFi is hackable? Or what if I told you that all of your private data in this world is hackable, and that everyone is at risk? Some of you won't believe me, but this has become a reality and you can't neglect it.
Till now, all we knew about WiFi hacking was password hacking and WiFi sniffing attacks, and those attacks were not successful against all WiFi devices. But now there is something big: all WiFi devices are hackable, and an attacker can get all your private data through it. Hence, this is something serious that should be taken care of. I expect you to read this whole article, take the corrective steps and share this post on Facebook, WhatsApp and all other social media websites to make people aware of the big risk they are in.
Introduction
Most vulnerabilities go unnoticed by the majority of the world’s population even if they affect several million people. But this news, published yesterday, is probably even bigger than all other security breaches and affects several billion people all over the world: researchers have found a set of vulnerabilities that make all Wi-Fi networks insecure.
The researchers found that devices based on Android, iOS, Linux, macOS, Windows and some other operating systems are vulnerable to some variation of this attack, which means almost any device can be compromised. They called this type of attack a key reinstallation attack, or KRACK for short.
What is KRACK?
The attack is against the 4-way handshake of the WPA2 protocol. This handshake is executed when a client wants to join a protected Wi-Fi network, and is used to confirm that both the client and the access point possess the correct credentials (e.g. the pre-shared password of the network). At the same time, the 4-way handshake also negotiates a fresh encryption key that will be used to encrypt all subsequent traffic.
Currently, all modern protected Wi-Fi networks use the 4-way handshake, which implies that all these networks are affected by (some variant of) the attack. For instance, the attack works against personal and enterprise Wi-Fi networks, against the older WPA and the latest WPA2 standard, and even against networks that only use AES. All the attacks against WPA2 use a novel technique called a key reinstallation attack (KRACK).
Now to understand how KRACK works, we need to know how the WiFi devices work.
The process of connecting to a Wi-Fi network
When a client joins a network, it executes the 4-way handshake to negotiate a fresh encryption key. It installs this key after receiving message 3 of the 4-way handshake. Once the key is installed, it is used to encrypt normal data frames using an encryption protocol.
However, because messages may be lost or dropped, the Access Point (AP) will retransmit message 3 if it did not receive an appropriate response as acknowledgment. As a result, the client may receive message 3 multiple times. Each time it receives this message, it reinstalls the same encryption key, and thereby resets the incremental transmit packet number (nonce) and the receive replay counter used by the encryption protocol. The researchers at Kaspersky Lab found that an attacker can force these nonce resets by collecting and replaying retransmissions of message 3 of the 4-way handshake.
By forcing nonce reuse in this manner, the encryption protocol can be attacked: packets can be replayed, decrypted and/or forged. The same technique can also be used to attack the group key, PeerKey, TDLS and fast BSS transition handshakes.
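To make the nonce reset concrete, here is an added Python model of the client side of the handshake (not code from this article or from the KRACK researchers). The keystream function, the fixed toy PTK and the two sample frames are constructed for illustration and stand in for the real CCMP cipher; the model shows why reinstalling the key on a retransmitted message 3 makes two frames share a keystream, and how a patched client that refuses to reinstall an already-installed key avoids it.

```python
import hashlib

# Constructed values: a fixed toy PTK and two sample frames, not real traffic.
PTK = bytes(range(16))
FRAME_1 = b"GET /login HTTP/1.1"
FRAME_2 = b"user=alice&pw=hunter2"

def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Toy stand-in for the CCMP keystream: depends on key and nonce only,
    so the same (key, nonce) pair always produces the same bytes."""
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce.to_bytes(6, "big") + bytes([block])).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))  # over the common length

class Client:
    """Client side of the 4-way handshake, reduced to the state KRACK abuses."""
    def __init__(self, patched: bool):
        self.patched = patched
        self.key = None
        self.tx_nonce = 0  # incremental transmit packet number, used as the nonce

    def on_message3(self, ptk: bytes):
        # Patched behaviour: a key that is already installed is not installed
        # again, so a retransmitted message 3 leaves the nonce untouched.
        if self.patched and self.key == ptk:
            return
        self.key = ptk     # (re)install the key ...
        self.tx_nonce = 0  # ... and reset the nonce: this reset is the flaw

    def send(self, plaintext: bytes):
        """Encrypt one data frame; returns (nonce, ciphertext)."""
        self.tx_nonce += 1
        return self.tx_nonce, xor(plaintext, keystream(self.key, self.tx_nonce, len(plaintext)))

def run_scenario(patched: bool):
    """Install the key, send a frame, receive a retransmitted message 3, send again.
    Returns both nonces and the XOR of the two ciphertexts: when the nonce was
    reused the keystream cancels out and that XOR equals the XOR of the plaintexts."""
    client = Client(patched)
    client.on_message3(PTK)
    n1, c1 = client.send(FRAME_1)
    client.on_message3(PTK)  # the AP retransmits message 3
    n2, c2 = client.send(FRAME_2)
    return n1, n2, xor(c1, c2)
```

For the unpatched client both frames go out under nonce 1 and the XOR of the ciphertexts is exactly the XOR of the plaintexts, which is what makes decryption of one frame possible given the other; the patched client moves on to nonce 2 and the relation disappears.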
I am damn sure that some of our readers will not understand what is written above (as it requires the concepts of networking to be clear), but the latter part will make everything clear.
How does the KRACK attack work?
To perform this attack, the attacker has to set up a Wi-Fi network with the same name (SSID) as that of an existing network and target a specific user. When the attacker detects that the user is about to connect to the original network, they can send special packets that make the device switch to another channel and connect to the fake network with the same name.
After that, using a flaw in the implementation of the encryption protocols, they can change the encryption key the user was using and thus access all of the information that the user uploads or downloads.
One may argue that there’s another layer of security: the encrypted connection to a site, e.g. SSL or HTTPS. However, a simple utility called SSLstrip set up on the fake access point is enough to force the browser to communicate with the unencrypted HTTP versions of websites instead of the encrypted HTTPS versions, in cases where encryption is not correctly implemented on a site (and that is true for quite a lot of websites, including some very big ones).
So, by using this utility in their fake network, the attacker can access the users’ logins and passwords in plain text, which basically means stealing them. And not only the plain login passwords: all the data that goes over the connection in plain text is accessible to the attacker. Even OTPs are accessible. So, now you know. What the heck!
Let me give you some short information about SSLstrip. SSLstrip is a type of MITM attack that forces a victim's browser into communicating with an adversary in plain text over HTTP, while the adversary proxies the modified content from an HTTPS server. To do this, SSLstrip "strips" https:// URLs and turns them into http:// URLs. Hence, the data is transmitted in plain text form rather than encrypted form. So, finally you know that everyone, including you, is at risk.
How to stay secure?
The fact that almost every device in almost every Wi-Fi network is vulnerable to KRACK sounds quite scary, but like pretty much any other type of attack, this one is not the end of the world. Here are a couple of tips on how to stay safe. First of all, you should understand that here the vulnerability lies in the design of the protocol itself. Hence, there is nothing extra you can do on your own beyond depending on the manufacturer of your WiFi device for a fix.
- Always check to make sure there’s a green lock icon in the address bar of your browser. That lock indicates that an HTTPS (encrypted and therefore secure) connection to this particular website is being used. If someone attempts to use SSLstrip against you, the browser will be forced to use HTTP versions of websites, and the lock will disappear. If the lock is in place, your connection is still secure.
- Most appliance manufacturers are in the process of issuing firmware updates that fix the issue with key reinstallation. So check whether there are fresh firmware updates for your devices and install them as soon as possible.
- You can secure your connection using a VPN, which adds another layer of encryption to the data transferred from your device.
So, now you know what to do: share this and spread awareness. Thank you.