
Security specialist Mathy Vanhoef, who identified key reinstallation attacks (KRACKs) on the WPA2 protocol (used to secure Wi-Fi communication) a few years ago, has named his newest research project FragAttacks.

FragAttacks (fragmentation and aggregation attacks) are a group of new security vulnerabilities that impact Wi-Fi devices.

According to the researcher, a dozen Wi-Fi design and implementation vulnerabilities now make it possible for threat actors to steal transmitted data and bypass firewalls to attack devices on home networks.

He also said that numerous attacks are difficult to carry out and require user interaction, while others remain superficial.

Patches for several impacted devices and software have already been deployed, thanks to a nine-month-long coordinated responsible disclosure supervised by the Wi-Fi Alliance and the Industry Consortium for Advancement of Security on the Internet (ICASI).

Linux patches have been implemented, and the kernel mailing list note states that Intel has communicated the vulnerabilities in a recent firmware update, while Microsoft launched its patches in March.

Vanhoef stated in a blog post:

An adversary that is within the radio range of a victim can abuse these vulnerabilities to steal user information or attack devices.

Experiments indicate that every Wi-Fi product is affected by at least one vulnerability and that most products are affected by several vulnerabilities.

Source

Several of the vulnerabilities allow plaintext frames to be injected, and certain devices accept any unencrypted frame or accept plaintext aggregated frames that resemble handshake messages.

The researcher showed how this could be exploited to punch a hole in a firewall and take over an unprotected Windows 7 device.

The biggest risk in practice is likely the ability to abuse the discovered flaws to attack devices in someone’s home network.

For instance, many smart home and internet-of-things devices are rarely updated, and Wi-Fi security is the last line of defense that prevents someone from attacking these devices. Unfortunately… this last line of defense can now be bypassed.

Source

Other flaws relate to how Wi-Fi frames are fragmented and how receivers reassemble them, enabling cybercriminals to exfiltrate information.

Even devices that do not support fragmentation were at risk.

Some devices don’t support fragmentation or aggregation but are still vulnerable to attacks because they process fragmented frames as full frames. Under the right circumstances, this can be abused to inject packets.

Source
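A defender-side triage of the frame properties discussed above (plaintext data frames, fragments, aggregated frames), as an added example that is not from the original article or from the researcher's own tooling. The function names and flag labels are hypothetical, the sample headers are constructed, and the input is assumed to be a raw 802.11 MAC frame with no radiotap header:

```python
import struct

# Frame Control flag bits (IEEE 802.11 MAC header, little-endian 16-bit field)
FC_TO_DS, FC_FROM_DS = 0x0100, 0x0200
FC_MORE_FRAG, FC_PROTECTED = 0x0400, 0x4000
TYPE_DATA = 2

def classify_frame(frame: bytes, keys_installed: bool = True) -> set:
    """Return triage flags for one 802.11 MAC frame (hypothetical helper)."""
    if len(frame) < 24:
        return {"truncated"}
    fc, = struct.unpack_from("<H", frame, 0)
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if ftype != TYPE_DATA:
        return set()                       # only data frames are triaged here
    flags = set()
    seq_ctrl, = struct.unpack_from("<H", frame, 22)
    frag_no = seq_ctrl & 0x000F            # low 4 bits: fragment number
    if (fc & FC_MORE_FRAG) or frag_no != 0:
        flags.add("fragment")
    # Assumption: once pairwise keys are installed, data frames should be
    # protected. Initial handshake frames are legitimately plaintext.
    if keys_installed and not (fc & FC_PROTECTED):
        flags.add("plaintext-data")
    if subtype & 0x8:                      # QoS data subtypes carry QoS Control
        four_addr = (fc & FC_TO_DS) and (fc & FC_FROM_DS)
        off = 30 if four_addr else 24      # Address 4 shifts the field by 6 bytes
        if len(frame) < off + 2:
            flags.add("truncated")
        else:
            qos, = struct.unpack_from("<H", frame, off)
            if qos & 0x0080:               # bit 7: A-MSDU Present (aggregated)
                flags.add("a-msdu")
    return flags

def build_header(fc: int, seq_ctrl: int, qos=None) -> bytes:
    """Constructed sample header with zeroed duration and addresses."""
    hdr = struct.pack("<HH", fc, 0) + bytes(18) + struct.pack("<H", seq_ctrl)
    return hdr if qos is None else hdr + struct.pack("<H", qos)

# Constructed samples, not captured traffic.
SAMPLES = {
    "protected QoS data": build_header(0x4188, 0x0010, 0x0000),
    "first fragment": build_header(0x4588, 0x0020, 0x0000),
    "plaintext A-MSDU": build_header(0x0188, 0x0030, 0x0080),
    "beacon": build_header(0x0080, 0x0040),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:20} {sorted(classify_frame(raw))}")
```

A flag here is a prompt for review rather than a verdict: fragmentation and aggregation are legitimate 802.11 features, so the flags matter most on networks where they are unexpected or disabled.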

To mount an attack based on these vulnerabilities, the attacker has to be within range of the potential victim and the relevant Wi-Fi access point. The attacker would then have to trick the victim into downloading a picture from an adversary-controlled server.

The CVEs registered for FragAttacks have been given a medium severity rating, with CVSS scores between 4.8 and 6.5.

The Wi-Fi Alliance said that there is no evidence that these flaws are being used maliciously against Wi-Fi users, and that the problems are mitigated via standard device updates that allow detection of suspect transmissions or improve adherence to recommended security implementation practices.

According to Vanhoef, anyone with unpatched devices can protect against data exfiltration by using HTTPS connections.

To mitigate attacks where your router’s NAT/firewall is bypassed and devices are directly attacked, you must assure that all your devices are updated. Unfortunately, not all products regularly receive updates, in particular smart or internet-of-things devices, in which case it is difficult (if not impossible) to properly secure them.

Source

The impact of an attack can also be reduced by manually configuring your domain name system (DNS) server so that it cannot be affected. Depending on your Wi-Fi configuration, you can make attacks less severe by disabling fragmentation, dynamic fragmentation in Wi-Fi 6 (802.11ax) devices, and pairwise rekeys.

Unfortunately, these attacks cannot be completely prevented.
