New vulnerability in WiFi networks, they will be able to see everything you do on the Internet

0
88

When a vulnerability appears, an attacker could take advantage of it to steal information or compromise a device. In this case, it is a new bug that affects the IEEE 802.11 WiFi protocol. It basically allows an attacker to trick access points, such as a router, into leaking information in plain text. This can endanger the privacy of users, so it should be corrected as soon as possible.

A flaw in the IEEE 802.11 WiFi protocol exposes browsing data

Specifically, it affects the WiFi frames or frames. It is information that has data such as the source and destination MAC address, as well as control and management data. They serve for orderly transmission and avoid problems when exchanging data and monitoring access points.

What a group of security researchers has now discovered is that these frames are not properly protected. An attacker could exploit them, manage to manipulate the transmission of data and impersonate the identity of the device that acts as a client. It could even cause frames to be redirected and capture requests.

It affects a wide variety of operating systems, such as Linux, FreeBSD, iOS or Android. They could even intercept the victim’s web traffic. This comes from a defect in the power saving function. It is something that includes the IEEE 802.11 standard so that devices using WiFi save energy by queuing those frames destined for inactive devices.

The attacker could spoof the MAC address of some device on the network and thus send energy saving frames to the access points. With this, it manages to put those frames in a queue and later requests activation. But the problem with everything is that the exchange of frames, instead of being encrypted, is transmitted in plain text.

Security researchers have managed to exploit this flaw through a tool they have created. They have been able to intercept web traffic. There is a list of affected brands, including Lancom, Aruba, Cisco, Asus and D-Link. But these attacks could also be used to inject malicious content such as JavaScript into TCP packets and exploit bugs in the browser, for example.

However, since most traffic today is encrypted, the actual impact of this vulnerability would be limited. There are really few web pages today that work over HTTP, which means that they are not encrypted and in the event of vulnerabilities of this type or browsing public networks, your data could be at risk.

See intruders on Wi-Fi

Keeping everything updated is essential

Failures like this that we have seen can happen at any time. It is not the only one there has been and, unfortunately, it will not be the last either. At the user level, what we can do is keep everything updated. It is essential to have the operating system with the latest versions, but also the browser, the network card drivers or any program.

In addition, updating the router is essential to avoid many problems. Not only will you make the connection more stable, but you will prevent many computer attacks that could compromise your devices. Some routers update automatically, while others you will have to do it manually. This will help you avoid typical router problems.

In short, as you can see there is a new bug that can affect certain devices through WiFi. Although it is an unlikely type of attack to occur, it is to be hoped that they will release patches to correct the problem. Make sure that you always browse HTTPS encrypted websites and that you have your router and any devices properly updated.

Previous articleThey reveal how the personality of parents shapes the lives of their children
Next articleVIDEO: Porsche celebrates 30 years in Thailand with this video