KrØØk Wi-Fi encryption vulnerability affects billions of devices


It seems like every other day, we get news of the discovery of another security vulnerability that affects a lot of our devices. Yesterday, a report published by ESET Research explains the discovery of Kr00k vulnerability that allows an attacker to decrypt wireless network packets.

The kr00k vulnerability was discovered when ESET researchers were studying into the Key Reinstallation Attacks (KRACK) on Amazon Echo devices. It causes the vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication. This makes it possible for attackers to decrypt packets of information that are being transmitted over the network.

It affects all devices with Broadcom and Cypress Wi-Fi chips which estimates to more than a billion WiFi-enabled devices. Some the manufactures that were confirmed to be affected by the Kr00k vulnerability is Amazon with their Echo and Kindle, Apple with their iPhone, iPad and MacBook, Google on the Nexus devices, Samsung with their Galaxy devices, Raspberry Pi 3 and Xiaomi  with their Redmi devices.  Broadcom and Cypress have since released patches to fix the vulnerability which have been by most major manufacturers.

Commenting on the report, Miloš Čermák, the lead ESET researcher into the Kr00k vulnerability said:

Kr00k manifests itself after Wi-Fi disassociations – which can happen naturally, for example due to a weak Wi-Fi signal, or may be manually triggered by an attacker. If an attack is successful, several kilobytes of potentially sensitive information can be exposed. By repeatedly triggering disassociations, the attacker can capture a number of network packets with potentially sensitive data.

Source 12