European experts have discovered another Wi-Fi vulnerability. Moreover, such that it potentially threatens not only routers, but in general all gadgets that use Wi-Fi. But this is just one of the imperfections of wireless communication. Life figured out how thieves break into wireless networks and how to protect themselves from intrusion.
Manufacturers turn a blind eye to vulnerabilities
Back in 2014, Tripwire discovered that 20 of the 25 most popular home and small business modems are vulnerable to hacking out of the box. Manufacturers are aware of many vulnerabilities, but for some reason they are not patched. As a result, hacker attacks on routers are often spontaneous. One of the illustrative cases occurred in 2017: the Mirai malware compromised about 100,000 ZyXEL devices in just 60 hours.
Other Wi-Fi devices are used as weapons
Examining a user's emails will give cybercriminals a lot of value: for example, passwords and logins from social networks, data from maps or geolocation. Also, hacked Wi-Fi gadgets often become weapons in the course of large-scale DDoS attacks. In 2016, a variant of the aforementioned Mirai took over a bunch of devices and helped hackers to malfunction Twitter, Periscope, PlayStation Network and other major online services. The most mundane and popular reason for hacking home Wi-Fi hotspots is free and unlimited Internet traffic.
Promotional video:
Anything can be hacked
Each Wi-Fi network has its own security protocol. The most popular are WPE, WPS, WPA, or WPA2. They all differ in encryption methods. They encode information between a transmitter (router) and a receiver (for example, a smartphone) so that only two devices understand it. The codes that users enter when connecting to routers are also encrypted. The essence of any Wi-Fi hack is finding this very PIN. Today, it can be picked up, deciphered or recognized by deception in almost all cases. The only question is the amount of time spent. The more outdated the protection protocol is, the faster the process will "go". Let's start with WPS. Since WPE is so ancient that it can be hacked in seconds, it is hardly used anymore.
Hackers love the lazy
WPS (Wi-Fi Protected Setup) is a security standard designed for the lazy. In the case of WPS, to configure Wi-Fi at home, the user just needs to plug the plug into the outlet, press the WPS button on the modem and enter an 8-digit numeric code on the computer. It is most often printed on the case of the modem.
Actually, because of the latter, WPS experts are considered one of the most "leaky". PIN-code from numbers is easily calculated by brute force. Brute force is a hacking method, during which the PIN code is found by brute force. This is easy because mathematically, a password of 8 numbers has only 100 million combinations.
Defending against such attacks is simple. It is enough to disable WPS in the router's web interface and set a more complex password. In older devices, by the way, the manufacturer may not provide for disabling WPS. Then you need to set a timeout between password attempts. Even an interval of 5 seconds will stretch the brute-force for many days.
It's easier to hack a human than Wi-Fi
Unable to deceive the piece of iron, the attacker will almost certainly try to trick you.
First, the scammer selects the access point he wants to hack. Then, using a special program like Wifiphisher and his own router, he clones the victim: creates a false access point with the same name and communication channel. Next comes the attacker's additional router. The hacker interferes with them and mutes the signals of all access points in the area. Except the cloned one.
Then the user does not load, for example, YouTube, he opens a list of available Wi-Fi networks on his device, sees a false one with a native name and presses “Connect”. Having connected to the clone of the native access point, the onlooker opens a browser and instead of the home page sees the page of the router's web interface. It says that it would be necessary to update the firmware to improve the stability of the equipment, but first you need to enter the PIN from Wi-Fi. “Good thing,” the user thinks and enters the password. Of course, the password flies to the hacker's hard drive. With its help, an attacker can, at best, use someone else's Internet, and at worst, analyze incoming and outgoing traffic.
How to protect yourself? There is only one advice - be extremely careful. It will not be superfluous to study the menu of your router. Often, hackers are too lazy to completely copy the settings interface, and then phishing attacks fail on trifles.
Hackers steal handshakes
Didn't you fall for the decoy duck? Then the hacker will stop playing with you and get down to serious work: he will steal the "handshakes" of your devices. Both WPA and its improved version WPA2 are hacked by stealing handshakes.
Every time the router and smartphone (or any other gadget with Wi-Fi) connect, both devices exchange encrypted data packets, which also store a PIN code. IT specialists call this starting rite "handshakes". And it is in this process that hackers try to wedge themselves when they want to get access to someone else's Wi-Fi for sure.
Attackers often use the Kali Linux utility to intercept necessary information. It allows you to switch the Wi-Fi antenna of any router into monitoring mode. In it, the antenna receives encrypted data packets from any selected access point in the access zone.
Protecting your network from hacking is easy enough. First, remove the default password at last. And don't use 8-digit combinations at all. Experts recommend 12 characters. It is advisable to set something like Z2Vf6S1l2fXr. Better yet, change your password every few months. In general, the iron option is to shield an apartment or office so that the signal of your router does not propagate further than you need.
The dangers of default settings are underestimated
By the way, about the default settings. In the context of hacking, Wi-Fi is generally the most underestimated vulnerability. User negligence often leads to the fact that personal data flows through a modem in Moscow to the other end of the world.
Many routers and modems come off the conveyors of factories, the web interface of which can be accessed remotely. The web interface is a graphical menu of the router that opens in a web browser. Giving an attacker access to this menu is like being naked in front of a stranger. In the best case, you just reveal the PIN from Wi-FI, in the worst case, the hacker will redirect all traffic to his hard drive. So, sooner or later, a third party will find out the login and password, for example, from your personal account at the bank. In order not to fall for this bait, change the administrator password. You can do even smarter if you disable remote access in the settings.
Chaos in someone else's network
We have already said that WPA and WPA2 are modern security protocols. They can be hacked, but not always. Let's say a hacker has tried all of the above methods, but to no avail. He is left with one way - to force the victim to "downgrade" the encryption protocol from WPA to archaic WPE. To do this, you have to intimidate the user. Or, as IT people say, resort to social engineering.
For this case, there is the mdk3 utility. Her vocation is to wreak havoc on Wi-Fi networks. Preferably in small, but not at home. Therefore, if a hacker resorts to using mdk3, then his choice usually falls on small offices that are served by inexperienced or stray system administrators. They can be easily made to panic, but they are smart enough to go into the network settings and switch the security protocol.
Overall, Wi-Fi is still the most desirable target for attack. Considering that most people buy payroll cards over wireless networks, attacks on home and corporate networks are unlikely to end anytime soon.
Author: Roman Kildyushkin
