A researcher has discovered 12 vulnerabilities in the Wi-Fi protocol. FragAttacks, the threats resulting from these vulnerabilities make it possible to steal data or take control of devices, including connected objects. Some of these breaches have been present since the 1990s and concern all devices.
The omnipresent Wi-Fi is far from perfect in matter of security. A researcher from the Catholic University of Leuven in Belgium (KU Leuven) has, in fact, detected no less than 12 faults affecting devices equipped with a module Wi-Fi. The attack methods relating to these flaws have been grouped together under the heading FragAttacks. With them, a nearby attacker can exploit these vulnerabilities to steal data or take control of these devices. Through a Wi-Fi network, the researcher thus succeeded in taking control of a connected switch, as well as of a computer powered by Windows 7. In the latter case, the attacker can then launch an attack from this PC whose system is obsolete.
It turns out that three of these flaws date from the beginnings of Wi-Fi and its security in the 1990s. This is particularly the case for keys. WEP of the time, as well as for the latest protocols, such as WPA3. These are therefore design flaws and therefore affect virtually all devices.
In this video, the Belgian researcher shows three methods of attacks via vulnerabilities discovered in Wi-Fi. © Mathy Vanhoef
Three flaws corrected by Microsoft
One of the flaws allows you to send code in clear text in one Wi-Fi network protected. Most devices accept plain texts without flinching because they look like messages to establish a link. From that moment on, the hacker can intercept network traffic and trick his target into using a server. Malicious DNS to retrieve his identifiers.
The discovery dates back nine months. Since the Wi-Fi Alliance which is the consortium responsible for the certification of the standard works with the manufacturers of Wi-Fi modules to find a way to close the gaps. For his part, Microsoft fixed three of the vulnerabilities by distributing a patch starting March 9. A patch linked to the nucleus Linux is also expected. The companies Cisco, Sierra Wireless, Samsung, Eero, and even Netgear have started to develop patches to remedy the vulnerabilities. In the meantime, it is better to check that the mention “Https” is present when connecting to a site Web, because it is from malicious sites that the attacker seeks to collect identifiers. It is also necessary that it is within range of the network …
Interested in what you just read?
