1 Billion WI-Fi Connected Devices Are Vulnerable Due to a Security Vulnerability

IoT is the future, or so we're being told all the time - with technology not so much marching, but rather frog leaping into orbit, smart homes and interconnected appliances that you can command at will from your phone are becoming the norm. However, this interconnectedness comes at a price, and in this particular case, said price is security.

In the case of Kr00k, we're talking about a rather widespread and exploitable vulnerability that could theoretically affect the security of over a billion individual devices.

Dubbed Kr00k by the researchers at ESET that discovered it, this vulnerability affects devices with Wi-Fi chips manufactured by Broadcom and Cypress. Said chips are used in a vast range of devices with wireless internet, including Apple, Google, and Samsung phones, various IoT and smart home devices, routers, etc.

ESET IT security specialists Robert Lipovsky and Stefan Svorencik made a very educational presentation on the matter. Here's what you need to know about it.

What is Kr00k?

Kr00k is a vulnerability that some Broadcom and Cypress microchips have. Due to the way they encrypt their Wi-Fi signals, it is possible for hackers to exploit said vulnerability and grab unencrypted data from the Wi-Fi network.

How Does Kr00k Work?

The data encryption that the chips suffering from this vulnerability provide is flawed. Once a device's connection to a Wi-Fi network is interrupted, the chips in question are prone to broadcasting any leftover data that they were supposed to transmit to the device without encrypting said data properly. This can potentially be exploited by ingenious hackers to grab data from devices by tricking said device into thinking that it has been disconnected, then capturing and analyzing the last unencrypted bits of data that it produces.

What are Kr00k's Limitations?

While potentially billions of devices may be at risk of being hacked using this method, the reality is that it is unlikely to be as useful to cyber-criminals as many other tools in their arsenal. After all, the method in and of itself is rather resource-intensive, and requires quite a bit of effort on the hacker's part to actually bear "fruit." The hacker must be able to access the potential target's Wi-Fi network and willing to dedicate time and energy to sending false disconnect signals to trick said network into giving up pieces of decryptable data. Making sense of the recovered data is also hard work, and even then, there's no guarantee that said data would be of any use to the attacker at all.

What Should you do to Avoid being "Kr00k"-ed?

Once discovered, the vulnerability was reported to the manufacturers and support of the companies employing the vulnerable hardware, so that they may issue a security update. Porportedly, the issue has been fixed, or is to be fixed by diligent IT specialists at the next software patch of each of the devices in question. Which handily brings us to what everyday users could do to avoid falling prey to cybercrooks wishing to exploit this vulnerability - and it's a simple one, folks. You guessed it - update all your smart devices whenever you get prompted to do so. Keep them all up to date - if you haven't been asked to do so for a couple of months, take the time to do it manually, right now.

Kr00k is a perfect example of why it is important for users to never skip software updates. Even if it seems like said updates do nothing to improve the user's experience, many of them are essential for said user's security.

March 30, 2020

Leave a Reply