The attack works against all modern protected Wi-Fi networks. "This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted," Vanhoef wrote in his report detailing the flaw. "An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Therefore, any correct implementation of WPA2 is likely affected." According to Vanhoef, the WPA2 vulnerability is "in the Wi-Fi standard itself, and not in individual products or implementations. The KRACK WPA2 vulnerability was discovered and named by Mathy Vanhoef, a network security and applied cryptography post-doctoral candidate, and Frank Piessens, a computer science professor at the University of Leuven in Flanders, Belgium.
0 Comments
Leave a Reply. |