A new WiFi security bug present on chips made by Broadcom and Cypress has likely rendered some one billion devices vulnerable to a theoretical attack that can decrypt information in transit.
Called “Kr00k,” the bug is present in the most common types of WiFi chips in use today. Many popular WiFi-capable devices are vulnerable: the iPhone, Samsung Galaxy devices, iPads, Google Nexus, Macbook Air, Amazon Echo and Kindle devices, among others.
The bug allows an attacker to intercept and decrypt incoming packets while the target device is prevented from connecting to the vulnerable network.
A fundamental WiFi security breach
This breach requires a vulnerable device to be connected to a WiFi network that is using the WPA2 WiFi security standard, which is the most common security protocol. The bug will not work on WPA3 networks, but these are not yet widely in use.
It is important to note that this is a technical flaw discovered by researchers, rather than a hack. Now that it is published it will undoubtedly be put into use by attackers, but the vulnerability was discovered months ago and was responsibly disclosed. It has been kept under wraps as hardware manufacturers have readied a patch for it.
Patches are now available for both types of affected chips, but the patching method will vary by device. Devices running Windows, Android or iOS will likely get this automatically as part of the regular OS updates if they have not already, but other devices and types of hardware may require a firmware update. Users can check to see if their devices have been patched by accessing the change log and looking for the identifier “CVE-2019-15126” (used to track fixes to this particular bug). For IoT devices, it’s best to contact the manufacturer.
The bug compromises the most fundamental layer of WiFi security that networks use to encrypt transmissions and keep information from being snatched out of data packets by anyone within range. If the communication is using another layer of encryption – say, a web browser connection via https or an instant messaging system with its own encryption – it will not be visible to the attacker. This bug will primarily impact those using basic http connections to websites, or a stand-alone app or client that does not internally encrypt its communications.
Kr00k can expose up to 32KB of data at once, or roughly 20,000 words. While it would be difficult to capture significant content from a large email or file transfer in this way, that would be more than adequate to capture login information if timed correctly.
This WiFi security vulnerability was disclosed to the public by ESET, a prominent internet security firm. ESET researchers report having tested a number of chips from other manufacturers and has yet to find matches beyond the ones from Cypress and Broadcom, but also note that it is not feasible to test every chip that exists. The security researchers did report that Qualcomm and MediaTek chips had been tested and did not appear to be vulnerable.
How Kr00k works
The broad overview of the WiFi security flaw is that it allows an attacker to force a device with one of these chips into a state of “disassociation” while it is connected to a WPA2 network, and then intercept and decrypt any data packets intended for the device. Disassociation is the state in which the device is still connected to the network but temporarily unable to access it, for example when one moves to a location with a weaker signal. The vulnerability hinges on the fact that during disassociation, these particular chips reset the user’s unique encryption key to a string of zeros. The Kr00k vulnerability’s name is a sort of portmanteau derived from this fact and its loose relationship to the KRACK attack that threatened WPA2 networks in 2017.
A threat actor could force one of these vulnerable devices into a disassociation state by using a deauthentication attack, which is fairly trivial to do after picking up the target’s MAC address via network sniffing. This method is most commonly used to try to get the target to connect to a lookalike honeypot WiFi network; some hotels and businesses have also gotten themselves in trouble for doing this to the personal hotspots of guests in a bid to get them to pay for on-site access points. With the MAC address in hand, attackers can simply send data frames that cause disassociation directly to the target device.
How did chip manufacturers manage to miss this possibility? As Roger Grimes, Data Driven Defense Evangelist for KnowBe4, explains : “It’s a case of putting the horse before the cart. The designers didn’t appropriately take into account what happens during a disconnect event when there is still data waiting to be re-transmitted. What they should have done is wait until the new connection and associated encryption key is established before re-transmitting the waiting data. Instead, they accidentally allowed the re-transmit to happen while the key was zero’d out waiting for the new association and encryption key to be established. It’s literally a case of 2 being in front of 1. Luckily, whitehat researchers found it and responsibly notified the vendors.”
How dangerous is Kr00k?
Though Kr00k is a serious enough WiFi security issue that you’ll want to ensure your devices and hardware have been patched, it’s not a major existential threat. While it would not be too difficult for someone to execute an attack on a nearby device using the same WiFi network, the data they would capture would come in small and unpredictable chunks. The simple use of https connections would also protect most web traffic from snoops, as is the case on unsecured wifi connections. As Craig Young, computer security researcher for Tripwire’s vulnerability and exposure research team (VERT), observed: “At the end of the day … it is not something to lose sleep over. As shown in the Kr00k publication, most of the sensitive data attackers are likely to obtain is going to additionally be encrypted by TLS as it should be. Vulnerabilities like KRACK, Kr00k, or Dragonblood are all excellent reminders of why HTTPS Everywhere is important.”
Kr00k is not likely to be enticing enough to cyber criminals to see widespread indiscriminate use, especially considering that patches were released prior to public knowledge of the vulnerability (macOS and iOS WiFi security issues were patched all the way back in late October). It will more likely be limited to select targeted applications, most likely to scenarios where attackers have inside knowledge of exploitable IoT gadgets.