If you’ve been using an iPhone, iPad, Amazon Echo or Kindle or certain handsets from Google, Samsung or Xiaomi, there is a chance that your device has been accessed or taken over by hackers , thanks to a recently discovered vulnerability in the WiFi chips used in these devices.
ESET, a Slovak cybersecurity firm, has for the last one year been working in collaboration with manufacturers of two specific WiFi chips, which were found to have been vulnerable to attack by hostile parties. The manufacturers have since released for all the vulnerable devices security patches that users can install to address the vulnerability.
According to a report released by ESET, the vulnerability named Kr00k was discovered while the firm was conducting research into KRACK, a series of attacks on WiFi devices that was detected last year. In subsequent investigations, ESET discovered that WiFI chips manufactured by Broadcom ad Cypress had the Kr00k vulnerability. Chips from both these companies have a high market share and are used in a wide range of WiFi-enabled devices.
ESET said the devices that tested positive for the vulnerability include the Amazon Echo (2nd generation), Amazon Kindle (8th generation), Apple iPad mini 2, Apple iPhone 6, 6s, 8 and XR, Apple MacBook Air Retina 13-inch 2018, Google Nexus 5, 6, and 6s, Raspberry Pi 3, Samsung Galaxy S4 GT-19505, Samsung Galaxy S8 and Xiaomi Redmi 3s, as well as some WiFi access points by Huawei and Asus.
“Simply put, any device with a WiFi chip manufactured by these two companies is vulnerable to attack, as long as the device is connected to a WiFi network and the hacker is within the range of the same network,” a cybercrime official, who spoke on condition of anonymity, said. “Once a hacker gets access to any device for even a short period of time, they can do anything, including planting a malware or intercepting sensitive information that is being sent or received via the Internet,” the official added.
Indian cybercrime agencies are currently trying to gauge the number of devices featuring these two chips in circulation in the country to get a sense of the magnitude of the problem.
The Slovak firm states that the Kr00k vulnerability is triggered when the device in question experiences a disconnection with the network, called a “dissociation” in technical terms. The more concerning factor, according to officials, is that a dissociation can also be triggered manually.
“It is only a matter of sending a high energy pulse to the server, which can cause a temporary dissociation, while the user thinks that this happened due to a weak signal,” the official said. “A suitably designed malware can easily find its way to the user’s online storage space, like the Cloud, after which multiple possibilities, including data theft and financial crimes open up,” the officer added.
