New bug exposes Wi-Fi traffic of billion devices (including phones)
What's the story
In a major shocker, researchers from antivirus company ESET have raised alarms over a critical security vulnerability plaguing billions of devices around the world. The issue, dubbed Kr00k, affects Wi-Fi communication capabilities of certain 'connected' devices and can be exploited by hackers to snoop in on private Wi-Fi traffic. Here's all you need to know about it.
Issue
Flaw affecting devices with Broadcom and Cypress chips
Speaking at the RSA security conference, the ESET team claimed that Kr00k exists on all devices using Wi-Fi chips from Broadcom and Cypress and allows decryption of traffic only when they are relying on WPA2 connections. Now, that might not seem concerning, but the thing is, these chips are used on billions of devices around the globe, starting from phones to IoT devices.
Details
Popular Apple, Google devices confirmed to be affected
While the researchers could not verify the existence of Kr00k on every single device using Broadcom and Cypress chips, they did test some renowned products, including those from Apple and Google. The work confirmed that various models of Apple iPhone, iPad, MacBook, Google's Nexus, Samsung's Galaxy phones, Xiaomi's Redmi devices, and Amazon's Echo and Kindle line are affected by the flaw.
Issue
How the attacker could decrypt Wi-Fi traffic?
Typically, Wi-Fi traffic, the data packets sent over Wi-Fi, is encrypted with a unique key to prevent snooping. However, in the case of devices with Broadcom/Cypress chips, the researchers noted that the key resets back to an all-zero value due to temporary-disconnection. This opened a way for attackers to force devices into prolonged disconnection, receive/intercept Wi-Fi packets, and decrypt them using the all-zero key.
Patches
Patches should be available for your devices
While the issue is critical, it is worth noting that ESET has worked with the two chip-makers and their partner vendors over the past few months to release a patch for the issue. The fix should have been installed with the latest OS or firmware updates of your device and can also be checked by looking for CVE-2019-15126 ID in the update changelog.
Information
What to do if the patch is not available?
If, by any chance, your device manufacturer has not made the patch from Broadcom/Cypress available, we would recommend switching to the newer WPA3 Wi-Fi authentication protocol. This is because the bug in question only affects connections using WPA2-Personal or WPA2-Enterprise Wi-Fi security protocols.