Most Wi-Fi routers vulnerable to AirSnitch attack – here’s what to do
You may recall that way back in 2017, the WPA2 encryption standard used by most Wi-Fi routers at the time was cracked and had to be replaced with a new version, WPA3. Now a new attack method dubbed AirSnitch means that Wi-Fi encryption on most networks can be bypassed in order to access all of the traffic passing through the router.
Almost all routers are vulnerable, so there are three steps you should take in order to protect yourself, with the greatest risk occurring through use of public Wi-Fi hotspots …
Security researchers have found a new vulnerability they’ve called AirSnitch, which allows current Wi-Fi encryption to be bypassed rather than broken.
As ArsTechnica reports, there’s good news and bad news. The bad news is that it enables an attacker to create a full bidirectional man-in-the-middle attack, enabling them to view all traffic passing through the router. That even creates vulnerabilities when accessing websites secured with HTTPS.
Even when HTTPS is in place, an attacker can still intercept domain look-up traffic and use DNS cache poisoning to corrupt tables stored by the target’s operating system. The AirSnitch MitM also puts the attacker in the position to wage attacks against vulnerabilities that may not be patched. Attackers can also see the external IP addresses hosting webpages being visited and often correlate them with the precise URL.
The good news is that an attacker would need to know (or crack) the SSID password in order to access the router in the first place. Provided you’re using a strong password for your own Wi-Fi router and you don’t hand out the password to it too casually, then you don’t have anything to worry about while at home.
The far bigger risk is when using public Wi-Fi hotspots, whose passwords are of course made available to all users. Since most of these will be vulnerable to the attack, all of your own traffic is potentially at risk. It’s always a good idea to use a VPN when accessing public Wi-Fi, and this is now more important than ever before.
In summary, then:
- Ensure your home Wi-Fi router has a strong password, including any guest passwords
- Only share the password with visitors you trust
- Always use a VPN service when using a public Wi-Fi hotspot
All of the routers tested were vulnerable and it’s unclear as yet whether a patch will prove possible.
FTC: We use income earning auto affiliate links. More.
First Appeared on
Source link
