Cyber security researchers have recently uncovered a new vulnerability residing in Wi-Fi chips manufactured by Broadcom and Cypress. Chips from these companies power over a billion devices, including smartphones, laptops, tablets, IoT devices, and routers.
Tracked as CVE-2019-15126, the flaw could let nearby attackers intercept and decrypt some wireless network packets transmitted over the air by a vulnerable device. The attacker doesn’t need to be connected to the victim’s wireless network, and the flaw works against affected devices using the WPA2-Personal or WPA2-Enterprise protocols with AES-CCMP encryption. This serious flaw causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication. A successful attack allows an adversary to decrypt some wireless network packets transmitted by a vulnerable device.
ESET (a cyber security consultancy firm) said, “Our tests confirmed some client devices by Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3), Xiaomi (RedMi), as well as some access points by Asus and Huawei, were vulnerable to Kr00k.”
What is Kr00k?
Kr00k is related to KRACK (key reinstallation attack). KRACK is a kind of cyberattack that exploits a vulnerability in WPA2 to steal sensitive data transmitted over networks, gain illegal access to the computer and cause damage.
Kr00k is a bug that an attacker can exploit to intercept and decrypt some types of Wi-Fi network traffic. According to ESET, “Kr00k affects all WiFi-capable devices running on Broadcom and Cypress Wi-Fi chips. These are two of the world's most popular WiFi chipsets, and they are included in almost everything, from laptops to smartphones, and from access points to smart speakers and other IoT devices.”
Both attacks can allow nearby attackers to gain access to sensitive information that should only have been sent after being securely encrypted.
Kr00k doesn’t allow:
- 1. It doesn’t allow attackers to connect to your Wi-Fi network and launch further man-in-the-middle attacks
- 2. It doesn’t let attackers learn your Wi-Fi password, and changing the password won’t help you patch the issue
- 3. It doesn’t let attackers predict what they will get: they can capture and decrypt some wireless packets, but there is no way to know what data those packets will include
- 4. It doesn’t reside in the Wi-Fi encryption protocol; instead, it exists in the way vulnerable chips carry out the encryption
Note: Cyber security experts found that this bug doesn’t lead to a full compromise of a user’s communication. The attack can be exploited to break the encryption used to secure the Wi-Fi network. If the user’s original communications were also encrypted, they remain encrypted even after a Kr00k attack.
ESET found the following devices were vulnerable to Kr00k:
- 1. Amazon Echo 2nd gen
- 2. Amazon Kindle 8th gen
- 3. Apple iPad mini 2
- 4. Apple iPhone 6, 6S, 8, XR
- 5. Apple MacBook Air Retina 13-inch 2018
- 6. Google Nexus 5
- 7. Google Nexus 6
- 8. Google Nexus 6S
- 9. Raspberry Pi 3
- 10. Samsung Galaxy S4 GT-I9505
- 11. Samsung Galaxy S8
- 12. Xiaomi Redmi 3S
- 13. Asus RT-N12
- 14. Huawei B612S-25d
- 15. Huawei EchoLife HG8245H
- 16. Huawei E5577Cs-321
Cyber Security experts have already reported this issue to the chip manufacturers Broadcom and Cypress. Apple has already released patches for its users and other vendors are still testing the issue against their devices.
As a user, if you want to protect yourself from this attack, make sure you have applied all the latest available updates to your Wi-Fi-capable devices.