New Kr00k vulnerability lets attacker decrypt WI-FI Packet
What is Kr00k?
Kr00k is a bug like other bugs that are being discovered on daily basis in software. But the difference is that Kr00k impact the encryption technique that is used to secure packet between wi-fi connection.
How Kr00k works
In wi-fi network data is transferred in the form of packets. These packets are encrypted with a unique key that is depend on that wi-fi connection password. However, researcher says that for Cypress and Broadcom Wi-Fi chips, these types of keys reset to an all-zero value during a process called “disassociation” (disassociation refers to a temporary disconnection that usually happens due to a low wi-fi signal).
After disassociation state wi-fi devices try to re-connect to the previous used network here an attacker can force these devices into a long-disassociated state then receive packets meant for the attacked device, and then use the Kr00k bug to decrypt wi-fi traffic using the all-zero key.
The attack scenario allows the hackers to actively intercept and decrypt wi-fi packets that are considered to be secure.
- Amazon Kindle 8th gen
- Amazon Echo 2nd gen
- Apple iPhone 6, 6S, 8, XR
- Apple iPad mini 2
- Apple MacBook Air Retina 13-inch 2018
- Google Nexus 6
- Google Nexus 5
- Google Nexus 6S
- Raspberry Pi 3
- Samsung Galaxy S8
- Samsung Galaxy S4 GT-I9505
How to check if you are still vulnerable to Kr00k?
Make sure that you have updated all your wi-fi capable devices like your phone, laptop, tablet and Wi-Fi access points to the latest operating system available. check whether your devices with affected chips have been patched or not, if your device uses the affected chips it need to be directed at your device manufacturer.