KRACK attack works on all modern protected WiFi networks against WPA1 and WPA2. So, it also makes Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and more vulnerable. Researchers have made an attack vector variant in which they found that around 41% of Android devices are affected
KRACK Attack: 41% Of Android Devices Are Easy To Hack
Just a few days ago, we have talked about WPA2 encryption protocol. Researchers have discovered a 13-year-old vulnerability in WPA2 protocol that can allow hackers within a range of the network to extract the Wifi password and intercept Internet traffic.
Researchers have claimed that the vulnerability can be seen in action in the form of a proof-of-concept known as KRACK which is Key Reinstallation Attacks.
Well, let me tell you the KRACK attack works on all modern protected WiFi networks against WPA1 and WPA2. So, it also makes Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and more vulnerable.
However, it looks like almost every supported device and operating systems are at risk of KRACK attack. Android and Linux could have far worse consequences compared to other OS because the wpa_supplicant is the WiFi client commonly used on Linux and Android version 6.0+
Researcher Mathy Vanhoef on its website wrote: “Our attack is especially catastrophic against version 2.4 and above of wpa_supplicant, a Wi-Fi client commonly used on Linux”. The researcher found the vulnerability accidentally while he was working on another paper.
Researchers have made an attack vector variant in which they found that around 41% of Android devices are affected which makes it “trivial to intercept and manipulate traffic sent by these Linux and Android device”
According to krackattacks.com, the possible fix for KRACK attack would be backward-compatible with older implementations of WPA2. Krackattacks.com also mentions that changing the passwords of Wifi network will not prevent the attack.
Further, Vanhoef has advised home users to update their WiFi compatible devices including computers and phones. He also suggested disabling features like client mode and 802.11r.
So, what do you think about this? Share your views in the comment box below.