Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Every Wi-Fi network at risk of 'Krack' hacking attack


  • Please log in to reply
5 replies to this topic

#1 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 49,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:28 PM

Posted 16 October 2017 - 06:20 PM

Every Wi-Fi network at risk of unprecedented 'Krack' hacking attack

Every Wi-Fi connection is potentially vulnerable to an unprecedented security flaw that allows hackers to snoop on internet traffic, researchers have revealed...In theory, it allows an attacker within range of a Wi-Fi network to inject computer viruses into internet networks, and read communications like passwords, credit card numbers and photos sent over the internet.

New KRACK Attack Breaks WPA2 WiFi Protocol

...KRACK allows an attacker to carry out a MitM and force network participants to reinstall the encryption key used to protected WPA2 traffic...The attack works only if the attacker is in the victim's WiFi network range, and is not something that could be carried out via the Internet.The KRACK attack is universal and works against all type of devices connecting or using a WPA2 WiFi network. This includes Android, Linux, iOS, macOS, Windows, OpenBSD, and embedded and IoT devices.


.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

BC AdBot (Login to Remove)

 


m

#2 archiemac

archiemac

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:28 PM

Posted 17 October 2017 - 03:53 AM

DrayTek's security advisory says "If you use a DrayTek wireless product (router or access point) and you are only using it as the wireless base, then it is not vulnerable to 'Krack' and a patch/update is not necessary for that operation."  I've emailed their tech support to check whether this is correct, and that it applies to legacy routers. 

 

Anyone have info re DrayTek and KRACK?

 

TIA

mac



#3 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 5,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:03:28 PM

Posted 17 October 2017 - 08:30 AM

I have also just read that for those on Windows 10, the update KB4041676 patches the vulnerability.   This came from a source that I trust, but I cannot find, specifically, where in the list of fixes in KB4041676 this is addressed (but that doesn't mean it isn't).  Perhaps someone here can provide additional information.

 

Brian  AKA  Bri the Tech Guy (website address in my profile) Windows 10 Home, 64-bit, Version 1709, Build 16299

       

    Plus ça change, plus c'est la même chose
              

 


#4 JohnC_21

JohnC_21

  • Members
  • 20,558 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:28 PM

Posted 17 October 2017 - 10:10 AM

Do we now need WPA3?

No, luckily implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point (AP), and vice versa. In other words, a patched client or access point sends exactly the same handshake messages as before, and at exactly the same moment in time. However, the security updates will assure a key is only installed once, preventing our attack. So again, update all your devices once security updates are available. Finally, although an unpatched client can still connect to a patched AP, and vice versa, both the client and AP must be patched to defend against all attacks!

All those Android Phones that never get patched is something to be concerned about. I have a Att Uverse gateway and from the looks of it Att isn't going to be rushing out a patch for all their different gateways. I doubt public hotspots will have priority either.

 

https://www.krackattacks.com/


Edited by JohnC_21, 17 October 2017 - 10:11 AM.


#5 snorkel

snorkel

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:04:28 PM

Posted 31 October 2017 - 07:57 AM

I can't seem to find a definitive answer, so here are my two questions.

Is it a worry if older routers (no longer supported) running in regular router mode remain unpatched?

Is it the operating system that needs patching or the wifi device driver that needs to be updated or both?



#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,536 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:28 PM

Posted 31 October 2017 - 05:51 PM

With "regular router mode" you mean running as a wireless access point? Then no, it's not a worry for the vulnerabilities disclosed by Mathy.

On, Windows, it's the OS that needs patching. And I think that's also the case for all or most operating systems.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users