On Monday, Mathy Vanhoef, a Belgian researcher, has released a lot of details regarding a new widespread hack. Its official name is KRACK, which comes from Key Reinstallation Attack, and it reportedly affects everyone that uses a Wi-fi connection. Through it, hackers are able to access and decrypt everything that a person is doing on the internet.
The official description on the KRACK official website says that attackers can use this new vulnerability to steal all sorts of sensitive and very important information. From credit card numbers and private messages to passwords and personal files. It’s also very important to know that the hack can affect all protected Wi-fi networks. Moreover, it’s so dangerous that hackers can use it to inject things like malware and ransomware into websites.
The dangerous KRACK hack
What it happens is that most internet users rely on a core encryption protocol that’s commonly called WPA2. This helps them hide their internet use from other people. The idea is that a specific key shouldn’t function more than once but somehow, an issue in WPA2 tricks the user into installing an already-used key. And hackers are able to do this through this KRACK vulnerability.
So, in a way, thanks to this flaw, hackers are now able to manipulate those key in such a way that they gain access to a person’s private information. According to the team of researchers that have discovered this problem, Linux and Android users seem to be the most vulnerable to KRACK. Moreover, they posted a video on YouTube that shows the degree of devastation such an attack could cause.
It seems like a coding error is making is so easy for hackers to access an Android device. Upon forcing the reinstallation of a key, the hacker will immediately gain access to it. What’s even more troubling is that practically any device connected to a Wi-fi network can become a target.
It can affect any Wi-fi connected device
The solution to this problem is to immediately update the device as soon as a security patch becomes available. Even Apple and Windows can become targets. So basically, hackers can attack any device or machine that has a Wi-fi connection. However, the good news is that most likely, not too many people will fall victim because the hacker would have to be somewhere near the router. They would have to directly connect to it in order to steal the info.
Image source: freegreatpicture