Major Security Flaw Puts Nearly Every Wi-Fi Device At Risk Of Hackers Stealing Sensitive Info
There is an extremely worrying vulnerability that is possible of affecting nearly every device that uses Wi-Fi. Details were revealed that a major Wi-Fi Protected Access 2 (WPA2) security flaw allows hackers to eavesdrop and even hijack all of your activities on the internet. The vulnerability happens during the process of negotiating the encryption keys used by the client and access point. Hackers could steal sensitive information such as credit card numbers, passwords, emails, messages, and photos.
The attack is called “KRACK” (Key Reinstallation Attack) and researchers discovered the possibilities of the malicious cyber attack on Monday. The malicious hacker does have to be in range to a execute the attack. The cyber attacks, which could potentially affect every router, smartphone, and PC, may even allow the hacker to install ransomware and other malware into websites.
Forbes explains how the hack works:
KRACK sees a hacker trick a victim into reinstalling an already-in-use key. Every key should be unique and not re-usable, but a flaw in WPA2 means a hacker can tweak and replay the “handshakes” carried out between Wi-Fi routers and devices connecting to them; during those handshakes, encryption keys made up of algorithmically-generated, one-time-use random numbers are created. It turns out that in WPA2, it’s possible for an attacker to manipulate the handshakes so that the keys can be reused and messages silently intercepted.