More than a billion Android and iPhone smartphones are at stake. In addition, laptops, tablets, ebooks, smart speakers and routers are also available.
A Slovak company, Cybersecurity-based ESET, has discovered a threat that exists on more than a billion Wi-Fi enabled devices.
Kr00k is a destabilization that causes network communication of the affected device to be encrypted with all zero encryption buttons. In a successful attack, it allows an enemy to encrypt packets of wireless networks.
During an investigation into the KRAC, ESET researchers identified the KR00k as the reason behind the “reinstallation” of all encryption keys observed in KRACK attack tests. After our research, most major device manufacturers issued patches.
Kr00k is especially dangerous because it estimates a billion conservative Wi-Fi enabled devices – a conservative.
Experts found that the source of the problem was Wi-Fi chips. And the vulnerability is called Kr00k. This vulnerability is developed by Broadcom and Cypress Semiconductor.
When it is detected, the encryption buttons are “reset” when the Wi-Fi connection is lost or the signal is damaged and the connection is restored. Attackers can take the benefit from this, including provocation when disconnected. According to the Expert, the vulnerability includes both WPA2 – Personal Protocol and WPA2-Enterprise.
“For own protection, make sure you have access to all your Wi-Fi enabled devices. Such as phones, tablets. ESET researcher Has been updated to the latest firmware version. ESET researcher Robert Lipowski working with the Kr00k Risk Investigation Team.
The great concern of the team is not only client devices. But also Wi-Fi access points that have been affected by Kr00k. This increases the level of attack significantly. And the researcher says the vulnerability is very harmful that provides the door to opponents for decrypting such data.
In addition, many of the smartphone devices access were at risk, including to iPhone and Android smartphones, tablets, MacBooks, smart speakers, including iPads, laptops, smart display, Kindle eBook, including Amazon Echo, routers۔
ESET experts tested and confirmed that vulnerability in some as follows
- Amazon (Echo, Kindle)
- Apple (iPhone,iPad, MacBook)
- Google (Nexus)
- Samsung (Galaxy)
- Raspberry (Pi3) )
- Xiaomi (Redmi) also at a risk. As well as Asus and Huawei access points
According to the test results, it was found that the Wi-Fi modules produced by Qualcomm, Realtek, Relink and Mediate were not affected by Kr00k’s vulnerability.
As noted by ESET in its report, most device manufacturers have already released patches to eliminate this risk. Users should check for the latest device software.
Source = EST