Wi-Fi networks are everywhere, so they attract the attention of hackers and the like, especially when they have security holes. Belgian researcher Mathy Vanhoef recently discovered several of them. Some have been around since 1997, when Wi-Fi officially appeared.
Vanhoef named the set of flaws FragAttacks, short for “fragmentation and aggregation attacks”. They basically allow an attacker to reach a device connected to the vulnerable network in order to steal data or install malware that can perform various types of actions.
According to the researcher, practically all Wi-Fi devices have at least one of the flaws pointed out in his report. Most have more than one. It is not difficult to understand why: at least three of the vulnerabilities correspond to design flaws in the Wi-Fi specifications. The rest involve programming errors.
The problem can be exploited in several ways. For example, one group of flaws allows the injection of plaintext frames into the device, or of aggregated frames that look like handshake messages (the verification procedure between the access point and the device at the time of connection).
These frames can carry a multitude of malicious instructions, such as compromising a firewall configuration or setting up DNS services that redirect users to fake websites without their realizing it.
The researcher points out that the vulnerabilities discovered affect all Wi-Fi security protocols, from the current WPA3 to the old (and obsolete) WEP. This means that some of the flaws have existed since Wi-Fi became a standard in 1997.
An explanatory demonstration of FragAttacks involving the WPA2 and WPA3 protocols appears in the following video:
The good news in this story is that the flaws identified cannot be easily exploited. In addition, most of them can only be exploited with some interaction from the user.
Wi-Fi Alliance has been warned
It is not the first time that Mathy Vanhoef has discovered vulnerabilities related to Wi-Fi. In 2017, the security researcher found a flaw that became known as KRACK. In 2019, he identified Dragonblood, a problem that affects the WPA3 protocol.
Both findings contributed to making Wi-Fi more secure, at least to some extent. The newly revealed flaws should have the same effect: before making the vulnerabilities public, Vanhoef warned the Wi-Fi Alliance about them.
Thanks to this, the organization has spent the past nine months working to fix the gaps in the specifications and, in partnership with network device manufacturers and other companies, to release fixes.
The Wi-Fi Alliance thanks Mathy Vanhoef (New York University Abu Dhabi) for identifying and reporting this issue responsibly, allowing the industry to proactively prepare for updates.
Cisco and Juniper are examples of manufacturers that are already releasing updates for certain products. Microsoft released patches related to the flaws on March 9. The Linux kernel will also receive patches.
In the statement thanking Vanhoef, the Wi-Fi Alliance also says it has found no evidence that the flaws were exploited against users. In any case, you can check whether your equipment has received or will receive fixes by looking at whether its updates cover the following flaws:
More details on these vulnerabilities can be found on FragAttacks, a website that Vanhoef has prepared to specifically address this issue.
With information from: The Record, ZDNet.