Millions Of WiFi Routers Are At Risk Of Hacking

Uploaded on 2018-09-21 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Hackers

Millions of home Wi-Fi networks are currently at risk of being hacked, a British security company has claimed. But not everyone is convinced it’s an issue. Weaknesses exist in how saved passwords in the browsers Google Chrome and Opera interact with Wi-Fi over unencrypted connections.

That's according to SureCloud researcher Elliott Thompson, who discovered the alleged vulnerabilities and reported them earlier this year.

Thompson claimed that hackers could exploit the weaknesses to hijack a home’s Wi-Fi, steal information from computers connected to the network and even implant malware.

“The hacker would be able to join the WiFi network, access shared files, access 'internet of things' devices which trust the local network [and] view what websites everyone is visiting,” Thompson told Newsweek. “If those websites are unencrypted, the hacker could attempt to implant malware onto the device to steal passwords or access webcams from the computers on the network.”

But there appear to be some major caveats to such an intrusion. According to SureCloud, in order to compromise a home network, the cybercriminal would need to be within Wi-Fi range of the router. 

Additionally, the victim’s device would need to be using the Chrome or Opera browsers that have the router’s login credentials to an open network saved. If so, researchers said they could use software exploits to steal credentials in a minute. 
And it also requires user interaction. In the proof-of-concept attack, the target would need to click a page pop-up that appeared to be their Wi-Fi router’s admin menu for it to work.

SureCloud criticised the fact that Chrome browsers save Wi-Fi router administration credentials and re-enter them automatically—an auto-fill process that is designed for convenience. Obtaining router details could be used to capture the Wi-Fi network password (PSK), SureCloud said.

“Nearly every single home router that uses a web management page [would be impacted],” Thompson claimed. “There are likely hundreds of millions of routers fitting these criteria in use.

“The router is not the only requirement for exploitation,” the security researcher conceded. “It is in combination with saved credentials, Chrome being in-use and the operating system remembering an open Wi-Fi network. These are all criteria that many people will meet.”

A real-world problem? 
But external independent cybersecurity expert Robert Pritchard told Newsweek he remained unconvinced the alleged issue reported by SureCloud was a problem at all.

“The vast majority of Wi-Fi networks these days are encrypted, meaning this attack would not be viable,” Pritchard said. “Even if you can find an unencrypted Wi-Fi network, you would still have to find a victim on said network who is actively using Chrome or Opera, and who had the administrator credentials for the network router saved in the browser.

“Against unencrypted networks the attack hardly seems necessary—there is nothing to stop the attacker joining the network, intercepting traffic or doing any number of malicious things.”
Responding, SureCloud researcher Thompson said: “The target device in the demonstration is connected to a secure, WPA2 protected network, then using the Karma attack the target is brought onto a fake unsecured network to begin the next stage of the attack.

“The first Karma stage of this attack is well known, we have built upon that. The attack is demonstrated to work against WPA2 networks encrypted with a strong pre-shared key (PSK), this is what makes the finding significant. The attack doesn’t require intercepting any traffic.”

SureCloud said it disclosed its findings to Google’s Chromium project on March 2, 2018. Chromium, which maintains the Chrome browser, said the password feature was “working as designed” and that it would not be updated in light of the alleged security weaknesses.

In a statement on Wednesday 5th Sept, Google said: “Security is a core tenet of Chrome and we are committed to providing our users with a secure web experience.

“We appreciate the security community for working with us to bring any concerns to our attention. We’ll study this closely and see if there are improvements to make.”

Users can protect home networks by clearing their Chrome browser's saved passwords, deleting saved open networks and not allowing automatic reconnection to networks, SureCloud said.

Newsweek

You Might Also Read: 

WiFi Can Spy on You:

 

« UK Fallout From The Massive Breach At Equifax
Has Demand For Cyber Security Skills Hit Crisis Point? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Bloombase

Bloombase

Bloombase is the leading innovator in Next-Generation Data Security solutions for Global 2000-scale organizations

Cysec Resource Co (CRC)

Cysec Resource Co (CRC)

We offer expertise in information and cyber security, sourcing individuals and teams who provide information security expertise to the public and private sector.

CipherPoint Software

CipherPoint Software

CipherPoint Software provides data-centric auditing and protection solutions for securing unstructured information

Arsenal Insurance Company

Arsenal Insurance Company

Arsenal is an insurance provider based in Moscow, Russia. Services offered include Cyber Risk insurance.

Certus Software

Certus Software

Our Secure Data Erasure solutions protect customer data confidentiality by completely erasing it from data storage devices.

Cybernetic Global Intelligence (CGI)

Cybernetic Global Intelligence (CGI)

CGI is a global IT Security firm that helps companies protect their data and minimize their vulnerability to cyber threats through a range of services such as Security Audits and Managed Services.

Cybertech

Cybertech

Cybertech Conference & Exhibition presents commercial problem solving strategies and solutions for the global cyber threat that meet the diverse challenges for a wide range of sectors.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

InfoExpress

InfoExpress

InfoExpress provides network security solutions that enhance productivity and security through better visibility, improved security, and automating device and mobile access to the network.

Xiarch Solutions

Xiarch Solutions

Xiarch Security is an global security firm that educates clients, identifies security risks, informs intelligent business decisions, and enables you to reduce your attack surface.

Unit 42

Unit 42

Unit 42 brings together world-renowned threat researchers, incident responders and security consultants to create an intelligence-driven, response-ready organization.

xdr.global

xdr.global

Xdr.global is a cybersecurity consulting firm, focused on promoting and aligning Extended Detection and Response (XDR) security solutions.

ShieldIO

ShieldIO

ShieldIO Real-Time Homomorphic Encryption™ enables your organization to reach regulatory compliance without compromising data availability.

Getvisibility

Getvisibility

Getvisibility enables customers to detect, classify and protect sensitive information increasing data security, governance, compliance and lowering the risk of losing valuable data.

BuddoBot

BuddoBot

BuddoBot has been a pioneering force in cybersecurity and information technology since 2008.

CyberKinetics

CyberKinetics

CyberKinetics specializes in cloud-based services and solutions for federal agencies and commercial clients with compliance mandates.