Wednesday, 6 December 2017

What is KRACK Hack vulnerability


What is Krack

Krack is short for Key Reinstallation Attack, in which an attacker makes use of a one-time key that has been provided to a client device attempting to connect to a Wi-Fi network.

The findings of KU Leuven’s Mathy Vanhoef, the researcher who discovered the vulnerability, were recently reported by the tech site Ars Technica. He states that in some instances hackers can exploit Krack to inject malware such as ransomware into websites.

Vanhoef says that in doing so, the hacker can decrypt information exchanged between the access point and the client device, exposing personal details such as credit card numbers, messages and passwords. The process of the hack is described on Vanhoef's website.

This newly discovered vulnerability can allow attackers to capture sensitive data transmitted between a Wi-Fi access point and a computer or mobile device, even when that data is encrypted. The flaw, known as Krack, affects WPA2, a security protocol widely used in current Wi-Fi devices.

Four-Way Handshake

When a device connects to a protected Wi-Fi network, a four-way handshake takes place. This handshake ensures that both the client and the access point have the correct login credentials for the network.

The handshake generates a new encryption key to protect web traffic, and this key is installed at step three of the four-way handshake. However, the access point will sometimes resend the same key if it believes the message may have been lost.

Vanhoef's research found that attackers could force the access point to install the identical encryption key, which the intruder could then use to attack the encryption protocol and decrypt the data. Vanhoef cautions that any device that supports Wi-Fi could probably be affected by Krack, though Linux-based devices, together with Android devices running version 6.0 or higher of the Android operating system, are likely to be in danger. At present that comprises over 40% of Android devices.
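
The effect of installing the same key twice can be modelled in a few lines. This is an added example, not code from Vanhoef or from the original post: a toy client whose packet counter restarts whenever a key is installed, next to a patched variant that ignores a repeated install of the same key. The Supplicant class, the constructed key and frames, and the SHA-256 keystream are assumptions standing in for real WPA2 encryption.

```python
import hashlib


class Supplicant:
    """Toy Wi-Fi client: models only key installation and the packet counter."""

    def __init__(self, patched):
        self.patched = patched
        self.key = None
        self.packet_number = 0

    def on_message3(self, key):
        """Handle step three of the handshake, which may be retransmitted."""
        if self.patched and key == self.key:
            return  # patched: same key already installed, keep the counter
        self.key = key
        self.packet_number = 0  # installing a key restarts the counter

    def encrypt(self, plaintext):
        """XOR with a keystream from (key, counter). Toy cipher, not CCMP."""
        self.packet_number += 1
        pn = self.packet_number
        stream = hashlib.sha256(self.key + pn.to_bytes(6, "big")).digest()
        return pn, bytes(p ^ s for p, s in zip(plaintext, stream))


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def demo(patched):
    """Send one frame, receive step three again, then send a second frame."""
    key = b"constructed-session-key"  # constructed sample value
    p1, p2 = b"first frame data", b"other frame data"  # constructed frames
    client = Supplicant(patched)
    client.on_message3(key)
    pn1, c1 = client.encrypt(p1)
    client.on_message3(key)  # the same key arrives a second time
    pn2, c2 = client.encrypt(p2)
    # With a repeated counter the keystream cancels out of c1 XOR c2,
    # leaving the XOR of the two plaintexts visible to an eavesdropper.
    return pn1, pn2, xor(c1, c2) == xor(p1, p2)


if __name__ == "__main__":
    print("unpatched:", demo(False))
    print("patched:  ", demo(True))
```

In the unpatched run both frames use counter 1 and therefore the same keystream; in the patched run the second frame moves on to counter 2, which is the behaviour the updates restore.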


Update Wi-Fi Devices

Vanhoef demonstrated a proof of concept showing how exploitation using the Krack technique was possible. He cautioned on his website that he was not in a position to determine whether such attacks had been actively used.

Vanhoef also mentioned that to protect against Krack attacks, it is essential to update Wi-Fi devices such as smartphones, laptops and tablets as soon as updates are made available. Users are also cautioned to update their router firmware. According to reports from The Verge, Microsoft has also released a security update addressing the issue.

The Wi-Fi Alliance, a network of companies that make Wi-Fi devices and define Wi-Fi standards and programs, has said that platform providers have begun organizing patches to address the problem.
