Last month security researchers took to the stage of the RSA Conference in San Francisco to reveal details of a previous unknown security flaw in the Wi-Fi chips built into more than one billion devices.
The KrØØk vulnerability (also known as CVE-2019-15126) exists in certain Broadcom and Cypress Wi-Fi chipsets and allows unauthorized decryption of some WPA2-encrypted traffic by causing vulnerable devices to use an easy-to-decrypt all-zero encryption key.
Unpatched IoT gadgets, smartphones, tablets, laptops, Wi-Fi access points and routers with Broadcom chips are all at risk from the KrØØk vulnerability, which is related to the KRACK flaw in the WPA2 protocol discovered in 2017.
Vulnerable devices were said to include:
Amazon Echo 2nd gen
Amazon Kindle 8th gen
Apple iPad mini 2
Apple iPhone 6, 6S, 8, XR
Apple MacBook Air Retina 13-inch 2018
Google Nexus 5
Google Nexus 6
Google Nexus 6P
Raspberry Pi 3
Samsung Galaxy S4 GT-I9505
Samsung Galaxy S8
Xiaomi Redmi 3S
Predictably, other researchers have been exploring how easy it might be to exploit the KrØØk flaw – and a team at security outfit Hexway say that it “didn’t take much time” for it to write proof-of-concept code to steal sensitive data as it was transmitted wirelessly.
The exploit code, which Hexway say they have released for “educational purposes only”, is a Python script they named “R00kie Kr00kie”.
If Hexway found it fairly straightforward to exploit the KrØØk vulnerability, there’s no reason to think cybercriminals couldn’t do just the same.
But don’t panic just yet. You see, more internet communication than ever is using HTTPS/SSL for an additional layer of encryption, limiting opportunities for attackers to steal information through the KrØØk vulnerability. The use of SSH and secure VPNs also adds an additional wrapping of encryption around sensitive data as it is transmitted.
And just like the KRACK flaw, KrØØk requires an attacker to be within close proximity of your Wi-Fi network to launch an attack against it.
Although the KrØØk flaw exists within vulnerable Wi-Fi chips built into devices, the solution does not (thankfully) have to be a hardware fix. Manufacturers of vulnerable devices can push out firmware and driver updates to apply fixes.
Furthermore, the researchers who initially discovered the KrØØk vulnerability, responsibly disclosed the vulnerability to the affected chip manufacturers and other potentially affected parties.
So the message for users is clear. Make sure that your wireless devices are running the latest updates and security patches, and if you are at all concerned – contact the manufacturer to verify if your device is at risk and how to install an update to protect your privacy.