
Serious flaw in WPA2 protocol lets attackers intercept passwords and much more


Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of a vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting.

The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. The research has been a closely guarded secret for weeks ahead of a coordinated disclosure that was scheduled for 8am Monday, East Coast time. A website disclosing the vulnerability said it affects the core WPA2 protocol itself and is effective against devices running Android, Linux, and OpenBSD, and to a lesser extent macOS and Windows, as well as MediaTek, Linksys, and other types of devices. The site warned that attackers can exploit the flaw to decrypt a wealth of sensitive data that’s normally encrypted by the nearly ubiquitous Wi-Fi encryption protocol.

“This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on,” researcher Mathy Vanhoef, of the Katholieke Universiteit Leuven in Belgium, wrote. “The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”

Vanhoef provided the following video showing the attack against a device running Google’s Android mobile operating system:

[Video: KRACK Attacks: Bypassing WPA2 against Android and Linux]

It shows the attacker decrypting all data the phone sends to the access point. The attack works by forcing the phone into reinstalling an all-zero encryption key, rather than the real key. This ability, which also works on Linux, makes the attack particularly effective on these platforms.

The site went on to warn that visiting only HTTPS-protected Web pages wasn’t automatically a remedy against the attack, since many improperly configured sites can be forced into dropping encrypted HTTPS traffic and instead transmitting unencrypted HTTP data. In the video demonstration, the attacker uses a script known as SSLstrip to force the site match.com to downgrade a connection to HTTP. The attacker is then able to steal an account password when the Android device logs in.

“Although websites or apps may use HTTPS as an additional layer of protection, we warn that this extra protection can (still) be bypassed in a worrying number of situations,” the researchers explained. “For example, HTTPS was previously bypassed in non-browser software, in Apple’s iOS and OS X, in Android apps, in Android apps again, in banking apps, and even in VPN apps.”

The researcher went on to say that the weakness allows attackers to target both vulnerable access points and vulnerable computers, smartphones and other types of connecting clients, albeit with differing levels of difficulty and effectiveness. Neither Windows nor iOS is believed to be vulnerable to the most severe attacks. Linux and Android appear to be more susceptible, because attackers can force network decryption on clients in seconds with little effort.

Vanhoef said clients can be patched to prevent attacks even when connected to vulnerable access points. Linux patches have been developed, but it’s not immediately clear when they will become available for various distributions and for Android users. Patches are also available for some but not all Wi-Fi access points.

In response to a FAQ item asking if the vulnerability signaled the need for a WPA3 standard, Vanhoef wrote:

“No, luckily [WPA2] implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point, and vice versa. In other words, a patched client or access point sends exactly the same handshake messages as before, and at exactly the same moments in time. However, the security updates will assure a key is only installed once, preventing our attacks. So again, update all your devices once security updates are available.”
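The key-reinstallation behaviour and the "installed once" fix described above can be modelled in a few lines; this is an added example, not code from the researchers or from any Wi-Fi implementation. The `Client` class, the SHA-256 toy keystream (a stand-in, not CCMP) and the sample key and frames are all constructed for illustration, and the model assumes, as in WPA2, that installing a key resets the per-frame nonce.

```python
import hashlib

def keystream(key, nonce, length):
    # Toy nonce-based keystream (SHA-256 in counter mode); a stand-in, not CCMP.
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce.to_bytes(8, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    # Hypothetical client model; install_once=True is the patched behaviour.
    def __init__(self, install_once):
        self.install_once = install_once
        self.key = None
        self.next_nonce = 0
        self.used = []  # every (key, nonce) pair used to encrypt a frame

    def on_key_message(self, key):
        if self.install_once and key == self.key:
            return  # patched: a retransmitted handshake message is not a reinstall
        self.key = key
        self.next_nonce = 0  # installing a key resets the per-frame nonce

    def send(self, plaintext):
        nonce = self.next_nonce
        self.next_nonce += 1
        self.used.append((self.key, nonce))
        return xor(plaintext, keystream(self.key, nonce, len(plaintext)))

def simulate(install_once):
    key = bytes(range(16))            # constructed sample session key
    p1, p2 = b"frame-one-data", b"frame-two-data"  # constructed sample frames
    client = Client(install_once)
    client.on_key_message(key)        # original handshake message
    c1 = client.send(p1)
    client.on_key_message(key)        # same message, retransmitted
    c2 = client.send(p2)
    reused = len(set(client.used)) < len(client.used)
    leaks = xor(c1, c2) == xor(p1, p2)  # keystream cancels when the nonce repeats
    return reused, leaks

if __name__ == "__main__":
    print("unpatched:", simulate(False))
    print("patched:  ", simulate(True))
```

`simulate` returns whether a (key, nonce) pair was used twice and whether the two ciphertexts XOR to the XOR of the plaintexts, which is the property that makes a reinstalled key dangerous and that the install-once check removes.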
