FreshOne

A new online threat is making waves around the world. Key Reinstallation Attack (aka KRACK) is a network vulnerability that has recently been discovered by Mathy Vanhoef of the imec-DistriNet research group. What’s the big deal about this one? It turns out to threaten every modern protected WiFi network and all devices connected to one.

Technicalities

KRACK abuses a massive weakness in WPA2, a protocol used to protect all modern secured WiFi networks. If you are using a protected WiFi network, you can be affected. An attacker can intercept, read, and in some cases manipulate the data transferred via the network. This includes CC numbers and passwords, emails, chat messages, photos – basically anything.

The discovered vulnerability stems from a 4-way handshake confirmation process of the WPA2, executed when you try to join a WiFi network. During this process, parties check if the entered password is correct, and exchange encryption keys. The latter will then be used to encrypt the traffic between a device and a wireless network.

The third handshake normally transfers the encryption key and confirms its receipt. If the reception is not acknowledged, the internet access point will resend the key. Malefactors can intercept these messages and transform them, resulting in your protected WiFi connection using a compromised key.

Due to specifics of Linux and Android, they are especially prone to KRACK. According to Mr. Vanhoef, “currently 41% of Android devices are vulnerable to this exceptionally devastating variant of our attack.”

Warding off KRACK dealers

First and foremost, this is a patchable problem, so make sure that your software is updated. Though releasing updates takes time so no way to know how long you will have to wait for it.

Mathy Vanhoef mentioned HTTPS may provide an additional layer of protection against such attacks too. Finally, use a VPN services, like VPN Unlimited, as an additional level of security.