Twelve Wi-Fi breaches threaten every device in the world

A researcher has discovered 12 vulnerabilities in the Wi-Fi protocol. Called FragAttacks, the threats resulting from these vulnerabilities make it possible to steal data or take control of devices, including connected objects. Some of these breaches have been present since the 1990s and concern all devices.

The ubiquitous Wi-Fi is far from perfect when it comes to security. A researcher from the Catholic University of Leuven in Belgium (KU Leuven) has just detected no less than 12 faults affecting devices equipped with a Wi-Fi module. The attack methods relating to these faults have been grouped under the heading FragAttacks. With them, a nearby attacker can exploit these vulnerabilities to steal data or take control of these devices. Through a Wi-Fi network, the researcher has thus managed to take control of a connected switch, as well as of a computer powered by Windows 7. In the latter case, the attacker can then launch an attack. from that PC with outdated system.

It turns out that three of these flaws date from the beginnings of Wi-Fi and its security in the 1990s. This is particularly the case for WEP keys of the time, as well as for the latest protocols, such as WPA3. These are therefore design flaws and therefore affect virtually all devices.

In this video, the Belgian researcher shows three methods of attacks via vulnerabilities discovered in Wi-Fi. © Mathy Vanhoef

Three flaws corrected by Microsoft

One of the flaws allows you to send code in clear text in a protected Wi-Fi network. Most devices accept plain texts without flinching because they look like messages to establish a link. From that point on, the hacker can intercept network traffic and trick their target into using a malicious DNS server to retrieve their credentials.

The discovery dates back nine months. Since then, the Wi-Fi Alliance, which is the consortium responsible for certifying the standard, has been working with manufacturers of Wi-Fi modules to find a way to close the gaps. For its part, Microsoft corrected three of the vulnerabilities by distributing a patch from March 9. A patch related to the Linux kernel is also expected. The companies Cisco, Sierra Wireless, Samsung, Eero, and even Netgear have started to develop patches to remedy the vulnerabilities. In the meantime, it is better to check that the mention "Https" is present when connecting to a website, because it is from malicious sites that the attacker seeks to collect the identifiers. It is also necessary that it is within range of the network ...