Much to everyone’s concern, there have been discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs), notes krackattacks.com.
The “Krack” attack works by exploiting the “handshake” that a WiFi network and a device give to each other when the latter wants to join. Usually, the two decide on an encryption key for all future traffic, meaning that each device will only be able to read data if it has that key.
“Note that if your device supports Wi-Fi, it is most likely affected,” wrote security researcher Mathy Vanhoef, whose work was noted by the US government.
“This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites”, continues the researcher.
Android phones are likely to be the most damaged by the attack. Not only are they already particularly vulnerable, they are also incredibly slow to receive updates – meaning that the patch could take a while to arrive, which is especially concerning now that the exploit is public.
The researchers provided the following video showing the attack in progress against a device running Google’s Android mobile operating system:
Secure unprotected WiFis with CyberGhost VPN
CyberGhost VPN will automatically protect you every time you are using a new WiFi or Internet connection. You will never be vulnerable, again, in a hotel, airport, restaurant, or any other new, public space.
Using a top-class 256-bit AES encryption technology, CyberGhost VPN protects your privacy and secures you online, even on public, unprotected WiFis. Furthermore, CyberGhost adds an additional layer like HTTPS which secures even non-https connections in a hacked WiFi.
With CyberGhost VPN, all you need to do is choose the WiFi networks on which you want to be protected. Then, our app will automatically start whenever you are using them. Set and forget – you’ll always be protected. Download CyberGhost for free and see for yourself.
If you are already a CyberGhost user on a Windows, iOS or Android device, then simply go to the app and connect to the Protect Wi-Fi / Secure Wi-Fi profile. If you own a Mac, then simply initiate your VPN by clicking on the Start button and you’re good to go.