Researchers at ESET discovered a new flaw in Wi-Fi chips, named Kr00k, that could enable a remote attacker to intercept and decrypt network traffic. Because most devices have Wi-Fi, the flaw is said to put more than one billion devices at risk.
More than a billion devices at risk!
A security flaw in Wi-Fi chips has exposed over a billion devices, including PCs, smartphones and IoT devices, to attack. Tracked as CVE-2019-15126, the bug was named Kr00k by ESET researchers and is found in all the Wi-Fi chips made by Broadcom and Cypress.
The Kr00k bug is reminiscent of KRACK (Key Reinstallation Attacks) from 2017, which exploited flaws in the WPA and WPA2 protocols that Wi-Fi uses for secure communication. Devices at risk come from popular names such as Apple (including iPhones, Macs and iPads), Samsung, Amazon (Echo and Kindle), Xiaomi, Google and even Raspberry Pi!
When a device connects to a Wi-Fi access point, the link is called an association. Similarly, ending that link is called a disassociation. According to the researchers, an adversary can capture the data frames that are created whenever a Wi-Fi disassociation occurs. These data frames contain the network traffic data and, most importantly, the session key, so they can be captured and decrypted. The cause is the buggy Wi-Fi chip, in which the transmission buffer is automatically set to zero whenever a disassociation occurs.
Patch already available
Interestingly, this flaw can be fixed by a software update even though the bug is in the hardware chip. Broadcom and Cypress have already released patches and urge users and potential victims to apply them as soon as possible. The patch stops the transmission buffer from being set to zero and drops all the data immediately after disassociation, so that it is not fed into data frames and stolen by a hacker.
Researchers tested this vulnerability at RSA Conference 2020 on various devices, such as Amazon's Kindle and Echo, iPhones, Nexus and Samsung phones, to show how hackers can retrieve passwords by exploiting this flaw.