New Attack against WPA2 “KRACK”

Hello Everyone,

Security Stock Image

There has been a new security flaw found in the WPA2 stack  a security researcher was able to  manipulate handshake packets in the 4 way WPA handshake and perform a key re-installation attack.

1.)T he basics of this attack is that an attacker would need to be in close range of  your network

2.) The attacker  manipulate the 3rd stage of the handshake process which tricks the client to install a key that is already in use  thus allowing the attacker to read all of the traffic that should be encrypted via WPA

It has been found that Linux ,MAC and Android devices are most vulnerable since an implementation bug allows for the devices to install an all zero key

This is a perfect example as to why it is important to be using a VPN service when connected to a public WI-FI   if you did fall victim to this attack it would be in-effective if the traffic were encapsulated in a VPN tunnel.

 

See below for a demo of this attack from the researcher who found the exploit.

 

KRACK Attacks: Bypassing WPA2 against Android and Linux

 

It is  highly recommended to check your router for firmware updates if not available it may be time to replace your WI-FI router to better protect your self

Also you will want to check for software patches on your operating systems to patch this vulnerability .

With sources from securityaffairs.co/wordpress/64373/breaking-news/wpa-krack-attack.html

Liked it? Take a second to support Sean Mancini on Patreon!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.