FOLLOW US

Wi-Fi technology depends on the ability to break big data into smaller data clusters. Depending on the network requirements the data constantly shifts from larger to smaller data packets. Researcher Mathy Vanhoef published a study last week which explains what he calls FragAttacks. A hacker within radio range can exploit a dozen vulnerabilities with the potential to impact huge numbers of wi-fi-enabled devices.

Vanhoef documents how hackers can redirect users to malicious websites. They may also exploit or tamper with network-connected devices. In FragAttacks, short for fragmentation and aggregation attacks, hackers inject malicious commands into encrypted Wi-Fi traffic. WPA-based encryption protection has serious vulnerabilities.

Trusted networks open to FragAttacks

With these types of hacks data in the form of malicious coding can be injected into the Wi-Fi traffic. But it’s not possible to exfiltrate and pull anything out. In other words, FragAttacks don’t let the hacker read users' passwords or other private data. 

Vanhoef’s previous research outlined a Wi-Fi attack of Vanhoef, known as  Krack. Krack differs from a FragAttack because it does allow the hacker access to sensitive and hidden info. But FragAttack hackers can inflict a lot of damage, especially when combined with other types of hacking.

The vulnerabilities Vanhoef outlines now have been around since 1997 when Wi-Fi first started to be used. can be exploited to inflict other kinds of damage, particularly if paired with other types of hacks.

“It's never good to have someone able to drop packets into your network or target your devices on the network,” Mike Kershaw, a Wi-Fi security expert, and developer of the open-source Kismet wireless sniffer and IDS, reports.

“In some regards, these are no worse than using an unencrypted access point at a coffee shop—someone can do the same to you there, trivially—but because they can happen on networks you'd otherwise think are secure and might have configured as a trusted network, it's certainly bad news.”

12 Vulnerabilities

In the Wi-Fi specification, one of the flaws tracked as CVE-2020-24588 can be exploited to force Wi-Fi devices to use a rogue DNS server. This redirects users to malicious websites. This allows hackers can read and modify unencrypted traffic. Rogue DNS servers are also vulnerable to DNS rebinding attacks. In the rebinding attacks, malicious code creates device-to-device attacks where they are connected to the same network.

Four of the 12 known vulnerabilities that make up  FragAttacks are implementation flaws. This means they are created by bugs that software developers introduce when writing Wi-Fi-based specification code. In an attack, the hacker uses the bug to bypass security.