‘Kr00k’ Wi-Fi Flaw Affects Billions Of Apple, Samsung, Xiaomi, Amazon Devices

Security researchers at ESET have discovered a high-severity Wi-Fi flaw dubbed ‘Kr00k’ which has affected more than a billion devices, including smartphones, PCs, and other IoT devices.


‘Kr00k’ is a chip-level security flaw affecting the Wi-Fi chips manufactured by Broadcom and Cypress. By exploiting the flaw, a hacker can eavesdrop on anyone’s encrypted Wi-Fi traffic.

Tagged as CVE-2019-15126, the ‘Kr00k’ security vulnerability gets its name from 2017’s infamous KRACK (Key Reinstallation Attacks), which affected the WPA and WPA2 protocols used for securing Wi-Fi communication.


Researchers found that the Kr00k flaw has affected several products from Apple (iPhone, iPad, Macs), Amazon’s Echo and Kindle products, smartphones from Samsung, Google and Xiaomi, and Raspberry Pi 3.


How Does the ‘Kr00k’ Flaw Work?


When a device connects to a Wi-Fi access point (AP), the process is called association, and when it disconnects from an AP, it is termed disassociation.


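The Kr00k flaw manifests itself after a hacker manually triggers the process of disassociation. The data, mainly the session key, from the affected chip’s transmission buffer is cleared and set to zero. Data frames still waiting in that buffer are then transmitted encrypted with this all-zero key.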






According to ESET security researchers: “These data frames can be captured by an adversary and subsequently decrypted. By repeatedly triggering disassociations (effectively causing reassociations, as the session will usually reconnect), the attacker can capture more data frames.”
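
The quote above notes that an attacker would trigger disassociations repeatedly, which gives defenders something to look for. As an added example (not from ESET or the original article), this Python check flags client stations that are disassociated unusually often within a short window; the log format, sample lines, threshold and window size are all assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in a hypothetical AP log format (not from a real product).
SAMPLE_LOG = """\
2024-01-01T10:00:01 ap1 wlan0: STA aa:bb:cc:00:00:01 associated
2024-01-01T10:00:10 ap1 wlan0: STA aa:bb:cc:00:00:03 disassociated reason=8
2024-01-01T10:01:00 ap1 wlan0: STA aa:bb:cc:00:00:02 disassociated reason=7
2024-01-01T10:01:03 ap1 wlan0: STA aa:bb:cc:00:00:02 associated
2024-01-01T10:01:12 ap1 wlan0: STA aa:bb:cc:00:00:02 disassociated reason=7
2024-01-01T10:01:15 ap1 wlan0: STA aa:bb:cc:00:00:02 associated
2024-01-01T10:01:25 ap1 wlan0: STA aa:bb:cc:00:00:02 disassociated reason=7
2024-01-01T10:01:28 ap1 wlan0: STA aa:bb:cc:00:00:02 associated
2024-01-01T10:01:40 ap1 wlan0: STA aa:bb:cc:00:00:02 disassociated reason=7
2024-01-01T10:05:00 ap1 wlan0: STA aa:bb:cc:00:00:03 disassociated reason=8
2024-01-01T10:06:30 ap1 wlan0: STA aa:bb:cc:00:00:01 disassociated reason=8
2024-01-01T10:20:00 ap1 wlan0: STA aa:bb:cc:00:00:03 disassociated reason=8
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ \S+ STA (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) "
    r"(?P<event>associated|disassociated)\b"
)

def find_disassociation_bursts(log_text, threshold=3, window=timedelta(seconds=60)):
    """Return {mac: peak_count} for stations that were disassociated at least
    `threshold` times inside any sliding `window`. Lines must be time-ordered."""
    recent = defaultdict(deque)   # mac -> timestamps of recent disassociations
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["event"] != "disassociated":
            continue
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["mac"]]
        q.append(ts)
        # Drop events that have fallen out of the sliding window.
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            flagged[m["mac"]] = max(flagged.get(m["mac"], 0), len(q))
    return flagged

if __name__ == "__main__":
    for mac, count in find_disassociation_bursts(SAMPLE_LOG).items():
        print(f"{mac}: {count} disassociations within 60s")
```

Stations that roam or sit at the edge of coverage also disassociate often, so a hit is a prompt to check the client's patch level and the radio environment rather than proof of an attack.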




Even though the security vulnerability exists at the hardware level, the researchers say that it can be fixed with a software update. The fix woul ..
