How dangerous is the gap in Wi-Fi network?
WPA, the security method used in most Wi-Fi connections worldwide, has been broken.
After exploiting security flaws, hackers can steal and decrypt data transmitted via Wi-Fi, inserting viruses into users' devices.
WPA , the security method used in most Wi-Fi connections worldwide, has been broken. According to Mathy Vanhoef, the researcher has found an attack technique (named Krack), a problem that primarily affects the Wi-Fi protocol, so most devices are at risk.
How does Krack break down Wi-Fi security?
Wi-Fi networks are at risk of being hacked based on attacking Krack.
Krack stands for Key Reinstallation Attack , which is part of the third step of the Four-way handshake. Krack technology can also be considered a "man in the middle" attack , that is, in a conversation that should be secret, but has a "stranger" eavesdropping.
Simply put, when a user's device connects to a Wi-Fi network that is protected, it will use a key to "talk" to each other. Because the encryption key can be re-sent multiple times in the third step (of the Four-way handshake), the attacker using Krack technique can get this code to decrypt the data.
Which devices are affected?
If your device has Wi-Fi connectivity, it runs the risk of being exploited by Krack technology, whether it's a phone, tablet or computer . including Android, iOS, macOS, Linux operating systems. or Windows . However, the most serious is Linux and Android, because the platform does not require a new key when connecting to Wi-Fi.
What data does a hacker get?
During a conversation (between a user's device and a Wi-Fi access point), a "stranger" stands in the middle to "eavesdrop" and get a "key" to decrypt all information. So when exploiting Krack technology, hackers can capture all traffic, including sensitive information such as credit card numbers, passwords, messages, emails .
Not only that, when it is possible to catch traffic transmitted over Wi-Fi networks, hackers can insert virus connections, extortion code, change websites to fake websites . Consequences further, the user's device is in danger of being remotely controlled, losing all the data stored on it .
Users are still safe
Https means that the website applies an encrypted connection.
It can be said with Krack technology, hackers can decrypt encrypted Wi-Fi connection. However, hackers can't get Wi-Fi passwords. In addition, if you access via virtual private network (VPN) or access to websites using Https connection (different from Http), the data is not affected.
Currently, many websites have adopted an encrypted connection (Https) that users can easily recognize by the address bar when accessing will display the green "padlock" icon. Https is almost the standard for banking websites, e-commerce sites or social networks .
- New vulnerability in Windows network features
- Basics of network devices
- Self-troubleshooting network system thanks to artificial intelligence
- This is why your creativity is inferior to others
- 11 -9 on the network
- Code for creating dangerous trojans is being sold
- Ericsson expanded GSM network with Vietnamese partners
- What is Lotus Social Network?
- Detection of space network
- China builds global satellite network
What is the Snapdragon SiP chip? How to create a yellow circle around the mouse cursor on Windows Edit the Boot.ini file in Windows XP 3 ways to restart the remote computer via the Internet Vietnam computer market: Looking back a year How to restore deleted applications on Android How to increase the capacity of C drive on Windows 10, 8, 7 ... 8 security features of Windows operating system