skip to Main Content

Cyber Security, billion of Wi-Fi devices worldwide vulnerable to cybercrime

ESET: Over a billion of devices worldwide could be exploited by cybercrime to decrypt some wireless network packets transmitted and even inject data packets. This thanks to a vulnerability in Wi-Fi chips, dubbed KrØØk

Over a billion of devices worldwide could be exploited by cybercrime to decrypt some wireless network packets transmitted and even inject data packets. This thanks to a vulnerability in Wi-Fi chips dubbed KrØØk. It has been discovered by ESET cyber security experts. This serious flaw, assigned CVE-2019-15126, causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication. The flaw affects devices with Wi-Fi chips by Broadcom and Cypress that haven’t yet been patched. These are the most common Wi-Fi chips used in contemporary Wi-Fi capable devices such as smartphones, tablets, laptops, and IoT gadgets. Not only client devices, but also Wi-Fi access points and routers with Broadcom chips were affected by the vulnerability, thus making many environments with unaffected or already patched client devices vulnerable anyway.

The cyber security experts: KrØØk affects both WPA2-Personal and WPA2-Enterprise protocols, with AES-CCMP encryption. Manufacturers released patches, update your devices now! 

According to the cyber security experts, the vulnerability affects both WPA2-Personal and WPA2-Enterprise protocols, with AES-CCMP encryption. KrØØk is related to KRACK (Key Reinstallation Attacks), discovered in 2017 by Mathy Vanhoef, but also fundamentally different. In the beginning, the researchers found KrØØk to be one of the possible causes behind the “reinstallation” of an all-zero encryption key, observed in tests for KRACK attacks. This followed previous findings that Amazon Echo was vulnerable to KRACK. ESET responsibly disclosed the vulnerability to chip manufacturers Broadcom and Cypress, who subsequently released updates during an extended disclosure period. The company also worked with the Industry Consortium for Advancement of Security on the Internet (ICASI) to ensure that all potentially affected parties – including affected device manufacturers using the vulnerable chips, as well as any other possibly affected chip manufacturers – were aware of KrØØk.

Back To Top