Millions Of WiFi Routers Are At Risk Of Hacking

Uploaded on 2018-09-21 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Hackers

Millions of home Wi-Fi networks are currently at risk of being hacked, a British security company has claimed. But not everyone is convinced it’s an issue. Weaknesses exist in how saved passwords in the browsers Google Chrome and Opera interact with Wi-Fi over unencrypted connections.

That's according to SureCloud researcher Elliott Thompson, who discovered the alleged vulnerabilities and reported them earlier this year.

Thompson claimed that hackers could exploit the weaknesses to hijack a home’s Wi-Fi, steal information from computers connected to the network and even implant malware.

“The hacker would be able to join the WiFi network, access shared files, access 'internet of things' devices which trust the local network [and] view what websites everyone is visiting,” Thompson told Newsweek. “If those websites are unencrypted, the hacker could attempt to implant malware onto the device to steal passwords or access webcams from the computers on the network.”

But there appear to be some major caveats to such an intrusion. According to SureCloud, in order to compromise a home network, the cybercriminal would need to be within Wi-Fi range of the router. 

Additionally, the victim’s device would need to be using the Chrome or Opera browsers that have the router’s login credentials to an open network saved. If so, researchers said they could use software exploits to steal credentials in a minute. 
And it also requires user interaction. In the proof-of-concept attack, the target would need to click a page pop-up that appeared to be their Wi-Fi router’s admin menu for it to work.

SureCloud criticised the fact that Chrome browsers save Wi-Fi router administration credentials and re-enter them automatically—an auto-fill process that is designed for convenience. Obtaining router details could be used to capture the Wi-Fi network password (PSK), SureCloud said.

“Nearly every single home router that uses a web management page [would be impacted],” Thompson claimed. “There are likely hundreds of millions of routers fitting these criteria in use.

“The router is not the only requirement for exploitation,” the security researcher conceded. “It is in combination with saved credentials, Chrome being in-use and the operating system remembering an open Wi-Fi network. These are all criteria that many people will meet.”

A real-world problem? 
But external independent cybersecurity expert Robert Pritchard told Newsweek he remained unconvinced the alleged issue reported by SureCloud was a problem at all.

“The vast majority of Wi-Fi networks these days are encrypted, meaning this attack would not be viable,” Pritchard said. “Even if you can find an unencrypted Wi-Fi network, you would still have to find a victim on said network who is actively using Chrome or Opera, and who had the administrator credentials for the network router saved in the browser.

“Against unencrypted networks the attack hardly seems necessary—there is nothing to stop the attacker joining the network, intercepting traffic or doing any number of malicious things.”
Responding, SureCloud researcher Thompson said: “The target device in the demonstration is connected to a secure, WPA2 protected network, then using the Karma attack the target is brought onto a fake unsecured network to begin the next stage of the attack.

“The first Karma stage of this attack is well known, we have built upon that. The attack is demonstrated to work against WPA2 networks encrypted with a strong pre-shared key (PSK), this is what makes the finding significant. The attack doesn’t require intercepting any traffic.”

SureCloud said it disclosed its findings to Google’s Chromium project on March 2, 2018. Chromium, which maintains the Chrome browser, said the password feature was “working as designed” and that it would not be updated in light of the alleged security weaknesses.

In a statement on Wednesday 5th Sept, Google said: “Security is a core tenet of Chrome and we are committed to providing our users with a secure web experience.

“We appreciate the security community for working with us to bring any concerns to our attention. We’ll study this closely and see if there are improvements to make.”

Users can protect home networks by clearing their Chrome browser's saved passwords, deleting saved open networks and not allowing automatic reconnection to networks, SureCloud said.

Newsweek

You Might Also Read: 

WiFi Can Spy on You:

 

« UK Fallout From The Massive Breach At Equifax
Has Demand For Cyber Security Skills Hit Crisis Point? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Oxygen Forensics

Oxygen Forensics

Oxygen Forensics offer the most advanced forensic data examination tools for mobile devices and cloud services.

Saudi Federation for Cyber Security and Programming (SAFCSP)

Saudi Federation for Cyber Security and Programming (SAFCSP)

SAFCSP is a national institution under the umbrella of the Saudi Arabian Olympic Committee, which seeks to build national and professional capabilities in the fields of cyber security and programming.

National Cybersecurity Institute (NCI) - Excelsior College

National Cybersecurity Institute (NCI) - Excelsior College

NCI is Excelsior College’s research center dedicated to assisting government, industry, military and academic sectors meet the challenges in cybersecurity policy, technology and education.

Shift Technology

Shift Technology

Shift Technology provides insurance companies with an innovative SaaS solution to improve and scale fraud detection.

Cansure

Cansure

Cansure is a leading insurance provider in Canada offering a broad range of property & casualty insurance solutions including Cyber & Data Breach insurance.

Cybeats Technologies

Cybeats Technologies

Cybeats delivers an integrated security platform designed to secure and protect high-valued connected devices.

DAkkS

DAkkS

DAkkS is the national accreditation body for Germany. The directory of members provides details of organisations offering certification services for ISO 27001.

SPARTA Consortium

SPARTA Consortium

SPARTA tackles hard innovation challenges, leading the way in building transformative capabilities and forming a world-leading cybersecurity competence network across the EU.

Tehtris

Tehtris

TEHTRIS XDR Platform was developed to control and improve the IT security of private and public companies against advanced cyber threats such as cyber espionage or cyber sabotage activities.

e5 Lab

e5 Lab

e5 Lab seeks to develop solutions to challenges faced by the shipping industry including digital transformation, autonomous technologies and big data in order to promote safe and efficient operations.

Eureka Security

Eureka Security

Eureka help organizations securely use any cloud data storage technology they need without having to compromise on security.

HackEDU

HackEDU

HackEDU provides secure coding training to companies ranging from startups to the Fortune 500.

Network Perception

Network Perception

Network Perception proactively and continuously assures the security of critical OT assets with intuitive network segmentation verification and visualization.

COPA-DATA

COPA-DATA

COPA-DATA is the only independent software manufacturer to combine in-depth experience in automation with new possibilities of digital transformation – reliable, future-proof and operating worldwide.

Spec

Spec

Spec is the only no-code orchestration platform that protects enterprise fraud defenses from being blocked, bypassed, and manipulated by modern attack tactics.

Red Helix

Red Helix

Red Helix (formerly Phoenix Datacom) is a market leader in network performance and cyber security.