Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Wi-fi. Show all posts
Wi-fi
APT28 Cyber Hackers CyberCrime Cybersecurity Cyberthreats Data Breach Volexity Wi-fi

Wi-Fi Exploit Enables Russian Hackers to Breach US Business

 


A sophisticated cyberattack was carried out by a Russian state-sponsored group, which is believed to be APT28 (Fancy Bear), which exploited a large U.S. enterprise's Wi-Fi network remotely. This breach was first detected by cybersecurity firm Volexity on February 4, 2022, while it targeted a Washington, DC-based organization whose projects related to Ukraine were being carried out. 

A group of Russian hackers, reportedly linked to Russia's GRU military intelligence, managed to gain access to the wireless network through a password-spraying attack on another service, which allowed them to obtain the credentials needed to connect. The Russian state-sponsored hackers known as "APT28" have exploited a novel attack technique called 'nearest neighbour attack' to penetrate a U.S. company's enterprise WiFi network to spy on employees' activity. 

Although the hackers were thousands of miles away, they could compromise an organization nearby within WiFi range, providing a pivot from where they could reach their destination. Security firm Volexity was able to detect the attacks on February 4, 2022, as it had been monitoring the hackers, codenamed 'GruesomeLarch', as they had been monitoring the attack for many weeks beforehand. 

APT28, which is associated with the General Staff's Main Intelligence Directorate (GRU) and is part of the Russian military's 26165 unit, has been conducting cyber operations since at least 2004 in conjunction with a Russian military unit. Using a hijacked device in a neighbouring building across the street, Russian state-sponsored hackers were able to log into a Wi-Fi network in the United States without ever leaving their country of residence. 

Volexity, a security vendor, documented a rare hacking technique that they call the "Nearest Neighbor Attack." The company discovered the incident in January 2022, when an unnamed customer, calling itself Organization A, suffered a system hack. Initially, the attackers, whom Volexity tracks as GruesomeLarch, gained access to the target's enterprise WiFi network by accessing that service through a password-spraying attack that targeted the victim's public-facing services, as the passwords were flooded. 

Nonetheless, the presence of one-time password (OTP) protection meant that the credentials could not be used to access public web-based services. As far as connecting to the enterprise's WiFi network was concerned, MFA was not required, however, being "thousands of miles away from the victim and behind an ocean" posed a significant inconvenience. It was through this creative use of the hacker's brain that they began looking into buildings nearby that could be potential pivots to the target wireless network, in fact they started to do so. 

APT28 compromised multiple organizations as part of this attack and was able to daisy-chain their connection between these organizations by using legitimate access credentials to connect with them. At the end of the investigation, they discovered a device within a certain range that was capable of connecting to three wireless access points near the windows of a victim's conference room to retrieve their data. 

An unprivileged account used for the remote desktop connection (RDP) allowed the threat actor to move around the target network from one point to another searching for systems of interest and exfiltrating sensitive information from them. Three Windows registry hives were dumped by the hackers: SAM, Security, and System. This hive was compressed into a ZIP archive and then exfiltrated by the hackers using a script named 'servtask.bat'. 

The most common way they collected data while minimizing their footprint was to use native Windows tools. As a result of Volexity's analysis, it was also identified that GruesomeLarch was actively targeting Organization A so that data would be collected from individuals and projects active in Ukraine who have expertise in and experience with those projects. Despite Volexity's initial inability to confirm an association between the attacker and any known threat actors, a subsequent report by Microsoft pointed to certain indicators of compromise (IoCs) that matched the information Volexity had observed, indicating that the Russian threat group was responsible. 

Microsoft's cybersecurity report indicates that it is highly likely that APT28 was able to escalate privileges before launching critical payloads within a victim's network by exploiting the CVE-2022-38028 vulnerability in the Windows Print Spooler service within the victim's network. This is a zero-day vulnerability in Windows. 

APT28, a group that executes targeted attacks using the nearest neighbour technique, successfully demonstrated that close-access operations, which are usually performed at close range, can be executed from a distance, eliminating the risk of identifying or capturing the target physically. Even though internet-facing devices have benefited from increasing security over the past year, thanks to services such as multi-factor authentication and other types of protections that have been added, WiFi corporate networks have largely remained unprotected over the same period.
Read more »
Wi-fi
Cyber Hacking Cyberattacks CyberCrime Cybersecurity Cyberthrears Passwords Privacy Routers Wi-fi

The Hidden Dangers of Compromised Wi-Fi Routers

 


Cybercriminals who attack routers are swift and precise, spending countless hours studying network vulnerabilities to compromise sensitive data and then taking advantage of those vulnerabilities to compromise the router. The term "router hacking" refers to taking control of a user's router without their consent by a cybercriminals.

The Wi-Fi hacker, like other types of hackers, relies on security measures that a user may have implemented to protect themselves against the hack - often the administrator password for their router or an unpatched vulnerability in their system. The hacker has a variety of tricks that he can use if he wants to hack into a router successfully. 

There is a risk that a hacker will be able to gain access to a router in minutes if the user has not set a strong password for their router. The hacker can take control of users' router after they have gained access, and even change the settings or install malicious software on users' router after they have gained control. These are all signature signs that users have been hit by a black-hat hacker, as opposed to their more altruistic white-hat cousins. 

Approximately one in 16 internet-connected home Wi-Fi routers can be remotely accessed by attackers using the manufacturer's default admin password. Getting continually kicked off users' home networks can be super annoying, but that's what some hackers will do. A hacker may use a de-authentication attack to target network devices. To do so, a hacker does not even need administrative access to the user router; they only need to find the router and device users' using. They can do this by using a tool such as Aircrack-ng. After doing so, they craft a command that uses the users' router's authentication protocol to deauthenticate users, thus kicking them off the network. 

A Forbes study found that 86% of users never change their default credentials. As default credentials are easily found online, all hackers must do a perfunctory Google search to find the information they need to log into users' routers. If they do, they can change things like the password and SSID. Changing the password will kick users off their network, and changing the SSID will change their network name. They could also hide users' networks entirely after kicking them off and changing the name, making it difficult to get back online. Scammers employ various methods to hack into Wi-Fi networks, exploiting vulnerabilities and poor security practices.

One common technique is brute-forcing Wi-Fi passwords, where hackers systematically attempt numerous password combinations to gain access. Once successful, they can lock users out by changing the password and taking control of the router. Another method involves using the router’s default credentials, often left unchanged by users. Cybercriminals can exploit these factory-set admin passwords to alter router settings, emphasizing the importance of creating a unique password and SSID (wireless network name) for enhanced security. 

Unpatched firmware vulnerabilities also present significant risks. Attackers can exploit outdated software to infiltrate a router's internal systems. For instance, in June 2023, Asus issued critical firmware updates to protect against remote code execution attacks. One of the most severe vulnerabilities, CVE-2018-1160, dating back to 2018, carried a high severity rating of 9.8 on the Common Vulnerability Scoring System (CVSS). 

Furthermore, cybercriminals can execute Domain Name Server (DNS) hijacking by altering a router’s DNS settings and redirecting users to malicious phishing websites. These examples underscore the importance of updating router firmware regularly, using strong passwords, and proactively securing Wi-Fi networks. Understanding the signs of a hacked router is essential for safeguarding users' networks. Altered DNS settings are a major indicator of a breach, as hackers may manipulate these settings to redirect users' internet traffic without their knowledge, potentially launching devastating pharming attacks. 

Users can check their router’s DNS settings in the admin menu to ensure they have not been tampered with. Another red flag is an inability to access the router using the user's admin password. If the credentials no longer work, it could mean a hacker has changed them. In such cases, perform a factory reset immediately and create a new, strong password. Unexpectedly slow internet can also hint at a router hack, especially when accompanied by other suspicious activities. Hackers may exploit users' bandwidth, causing noticeable performance drops. Additionally, strange software or malware on users' devices can result from a router breach, as hackers often use this method to infiltrate connected devices. While malware can spread through various means, its presence alongside other signs of hacking is a cause for concern. 

Monitoring users' networks for unrecognized devices is another critical security measure. Tools like AVG AntiVirus FREE can detect when unfamiliar devices join users' Wi-Fi, issuing alerts that prompt further investigation. While unauthorized devices don’t always indicate a router hack, their presence could lead to one, emphasizing the need for continuous network monitoring. Using reliable security software is vital to protecting users' devices and networks. AVG AntiVirus FREE offers comprehensive cybersecurity features, including real-time malware detection, phishing defence, ransomware protection, and tools to secure users' Wi-Fi networks from potential router hackers. Staying vigilant and equipped with robust security measures ensures a safe online experience.

Hackers can easily carry out this kind of attack even if they do not have administrative access to the user's router; they only need to identify the router and the device that users use to do so. An aircraft-ng tool, which is available online, can be used to accomplish this task. As a result, they craft a command that uses the authentication protocol of the users' router to deauthenticate them, which means they are kicked off of the network once more. The study by Forbes found that 86% of users do not change their default credentials despite being notified about it. 

The default credentials for routers can readily be found online, so it is only a matter of a quick Google search before hackers can discover the credentials they need to access the routers of their targeted victims. In that case, they can change things such as the password and the SSID of the network. By changing a user's password, they will be kicked off their network, and by changing their SSID, their network name will be changed. It's possible that they could also hide the users' networks entirely after they have been kicked off and changed their names, which would make it difficult for them to return to the network. Using a variety of methods, scammers can hack into Wi-Fi networks by exploiting the vulnerabilities and unfavourable security practices that exist. 

There is no doubt that the most common method of hacking Wi-Fi passwords in today's world is through brute-force attacks, which involve scanning many different combinations of passwords too to discover someone's password by scanning all of the combinations simultaneously. When they are successful in taking control of the router, they can lock users out of their accounts by changing their passwords. A second method involves the use of the router's default credentials, often left unchanged by users when they set up the router. These factory-provided admin passwords can be vulnerable to abuse by cybercriminals, highlighting the importance of using a unique password and SSID (wireless network name) for enhanced security when setting up users' routers. 

As a result of firmware vulnerabilities that remain unpatched, there are significant risks involved. There are several ways in which attackers can compromise the internal operating systems of a router by exploiting outdated software. Asus's most recent firmware upgrade for its laptops was released in June 2023, preventing remote code execution attacks against the device. On the Common Vulnerability Scoring System (CVSS), which calculates the severity of vulnerabilities based on their association with security incidents and their impact, CVE-2018-1160, dated back to 2018, had a severity rating of 9.8. A further method of executing Domain Name Server (DNS) hijacking is to alter a router's DNS settings, redirecting the user to malicious phishing sites by altering the DNS settings of a router. 

As a result of these examples, router firmware must be updated regularly, strong passwords are used, and wi-fi networks are carefully secured proactively. Recognizing the signs of a hacked router is crucial for protecting users' networks. Altered DNS settings often indicate a breach, as hackers can manipulate these to redirect users' internet traffic and launch phishing or pharming attacks. Regularly reviewing users' routers' DNS settings in the admin menu can help prevent such risks. Similarly, being unable to access the router with their admin password may mean hackers have taken control. In such cases, a factory reset followed by setting a strong new password is essential. 

A sudden drop in internet speed, especially when combined with other suspicious activity, could point to unauthorized bandwidth usage by hackers. Additionally, unexpected malware or unfamiliar software on users' devices might result from a router breach. Monitoring for unrecognized devices on users' networks is equally important, as these can indicate unauthorized access and potential hacking attempts. 

Investing in robust security tools is a key step in safeguarding users' digital environments. Comprehensive solutions like AVG AntiVirus FREE provide 24/7 protection against malware, phishing, ransomware, and other threats while keeping users' network secure from unauthorized access. Staying proactive with these measures is the best defense for ensuing their online safety.
Read more »
WIreless Connection
Bluetooht Cyberattacks CyberCrime Cybersecurity Police Technology Wi-fi WIreless Connection

Digital Espionage: The Dark Side of Bluetooth Tracking and Police Surveillance

 


Using a Bluetooth device, a robotics hacker has created a service that allows citizens to monitor police activity in real-time, using technology. His service enables people to follow police activity using the information and data that law enforcement officers give them, according to the hacker. 

Almost all smartphones, tablets, and laptops come with Bluetooth technology integrated into them, which is an incredibly useful wireless technology. In addition to transferring files, playing audio wirelessly, and acquiring health data from wearable trackers, users can use it for many other purposes. 

Bluetooth is also being targeted as a means of breaking into users' devices and stealing the information they have on them, similar to WiFi. The fact that Wi-Fi and Bluetooth are so useful makes the majority of people keep them active continuously on their devices. 

As a consequence, this can make them potentially vulnerable to bluebugging, which is a technique that uses Bluetooth technology to attack their devices remotely. There is a way for hackers to spy on police officers by hacking their systems. 

A monitoring system that uses Bluetooth signals emitted by firearms and cameras carried by law enforcement officers can be used to monitor the activities of the officers. A Bluetooth-enabled device could be used to avoid police mistakes, as stated by the duo behind a tool that detects signals. 

There is a possibility of tracking most police activities using Bluetooth technology within the police department. Alan Meekins, the founder of RFParty, a Bluetooth startup that has been integrating with the RFParty Bluetooth platform, informed Engadget that police officers are likely to leak their location via Bluetooth signals emitted by their devices. 

Using Bluetooth technology, a hacker, whose name is Nullagent, has developed a service where individuals can monitor police activity on their smartphones. Nullagent stated at the Def Con conference that Axon, one of the biggest suppliers of law enforcement equipment, uses Bluetooth as a means of connecting its police equipment to its computers. 

If citizens have access to Bluetooth data, they could gain valuable insights into police conduct and could compel law enforcement to release video footage that was taken from body cameras. However, there are concerns that this data may be misused by cybercriminals to gain information for fraudulent purposes. 

Hackers can hack users' devices and trick their devices into connecting to Wi-Fi and Bluetooth networks controlled by cybercriminals. This will allow them to bombard users' devices with malware, spy on their activities and even steal their data from their text messages and apps (when their phone is connected to those networks). 

It is common for Bluetooth devices to have a 64-bit identifier called a MAC address, which is the unique identifier that identifies them from each other. A device's address often contains an Organizational Unique Identifier (OUI), which serves as a way to identify where the address came from. 

Axon is a company best known for its Tasers, and Meekins and his co-founder Roger “RekcahDam” Hicks were drawn to Axon after researching the Internet-connected devices that were being used by many police departments. In the present day, police equipment is equipped with Bluetooth-enabled technology, including Tasers, body cameras, and laptops in vehicles (often made by Axon). 

It was found by simply reading through the company documentation that they could find the OUI for the holsters of some police officers. They can even send a Bluetooth ping when the gun is unholstered. Police violence should be combated In the Bluetooth RF Party project, the duo aims to contribute to the fight against police violence and contribute to it. 

As an agent’s body camera is used to record a video, it is possible to detect that this video was recorded by the agent’s body camera by analyzing the Bluetooth signals emitted by the device. In theory, this information could force the police to provide footage that is compromised. It is possible to use the RFParty Bluetooth application, which can be accessed from the Google Play Store, to gather information on the event, sometimes crucial, and use that information to corroborate or deny the testimony provided. 

This can be done by analyzing Bluetooth signals and determining if a Taser or electric gun was used. Using Bluetooth signals, people can easily determine all of this information. There are several testimonials from users of the app on X that have already used these features to track law enforcement in their area. Even though the RFParty application itself is not directed towards spying on police, a few users have already used it to do so. 

How can you ensure that you remain safe?

There have been some guidelines given by the Dorset Police to residents of Bournemouth, which users can all use to avoid becoming victims of blue bugging in the future. The first thing users need to do is disable Bluetooth on their devices whenever they are not using them. 

In addition, it is important to turn off these services, such as AirDrop and Fast Share, which rely on Bluetooth unless users are sending or receiving files from a friend that you are familiar with. By restricting access to Bluetooth services, it would be much harder (if not impossible) for people to become victimized by blue bugging in the future. 

In addition, it is recommended that users make sure that their smartphone, tablet, and Bluetooth-enabled computer have an antimalware application installed. The antimalware app will alert them if any suspicious activity or attempts are made to gain access to users' devices through its perimeter, protecting their privacy and personal information in the event a hacker does gain access to their device. There are fortunately not a lot of blue bugging attacks around - but this could gradually change over the coming months.
Read more »
Wi-fi
Cyber Security Data Privacy Hacking Internet Safety Network Prevention Protection Security Wi-fi

Secure Your Wi-Fi: Spot Hacking Signs and Preventive Tips

 

The discussion around being cautious regarding security while utilizing public Wi-Fi networks is well-known due to the susceptibility of these networks to compromise by criminals. Yet, it's essential to recognize that private Wi-Fi networks are also vulnerable to hacking.

Cybercriminals possess the ability to breach private Wi-Fi networks and gain access to personal data. Gaining insight into their techniques is crucial for enhancing network security.

Methods Employed by Cybercriminals to Compromise Wi-Fi Networks

The inherent wireless nature of Wi-Fi networks allows numerous devices to connect concurrently. However, vulnerabilities exist that attackers exploit to illicitly access browsing sessions. Several tactics are employed to achieve this...

1. Obtaining Router's Default Password
Relying on the default password of your Wi-Fi router poses risks, as intruders can deduce it from the device's settings. It is advisable to change the password immediately upon setting up your connection. Once this step is taken, the default passcode becomes invalid.

2. Utilizing Brute-Force Attacks
Merely altering the default password doesn't guarantee immunity against hacking. Malevolent actors can utilize brute-force techniques, attempting multiple combinations of usernames and passwords until a match is found. This process is automated to expedite testing numerous login credentials.

3. Executing DNS Hijacking
Hackers might execute a DNS hijack, redirecting traffic from your device to their malicious websites. This manipulation involves altering the queries generated by your Wi-Fi's DNS. Consequently, you unknowingly connect to their sites, enabling them to extract your data.

Detecting Signs of Wi-Fi Breach

Cybercriminals endeavor to execute non-intrusive infiltration of your Wi-Fi network. However, by remaining vigilant, you can discern potential indications of compromise:

1. Unfamiliar IP Addresses Connected
Each internet-connected device possesses a distinctive IP address. Your Wi-Fi maintains a roster of connected IP addresses. Although these devices might not be readily visible, they are stored in a designated area. Reviewing the IP address section in your device settings can reveal unfamiliar devices.

2. Browser Redirection
Hacked Wi-Fi networks often prompt web browsers to perform unintended functions. For instance, inputting a specific URL may result in redirection to unfamiliar websites. Such alterations indicate a DNS setting change, redirecting browsers to malicious sites for data extraction.

3. Modified Wi-Fi Password
Observing sudden password inaccuracies indicates potential intrusion. If you haven't modified the password, a hacker likely has. Changing the password is among the first steps taken by scammers post-breach, denying your immediate access and facilitating their control.

4. Sluggish Internet Connection
While occasional internet slowdowns are common, persistent sluggishness can denote unauthorized network access. Intruders could engage in bandwidth-intensive activities, causing noticeable network degradation.

Preventive Measures Against Wi-Fi Hacking

Despite Wi-Fi's associated security risks, several proactive steps can thwart potential attacks:

1. Enable Encryption Mode
Utilizing encryption safeguards against eavesdropping attacks that intercept communications. Encryption obfuscates data, rendering it indecipherable to external parties even if acquired. Contemporary Wi-Fi routers typically include default encryption options like WPA and WPA2, enhancing security.

2. Regular Password Changes
The security of your Wi-Fi network hinges on your password's strength. While robust passwords are advised, their invulnerability is uncertain. To preempt this, periodically alter your router's password. This continual modification deters intruders. Employing a password manager can alleviate the inconvenience while boosting security.

3. VPN Usage in Public Spaces
Public Wi-Fi networks are susceptible to intrusions. Utilizing a virtual private network (VPN) conceals your IP address, rendering you inconspicuous while browsing. This measure safeguards against criminal attempts to compromise your connectivity.

4. Deactivate Remote Administration
Remote access to Wi-Fi networks, though convenient, is exploited by attackers. Disabling remote administration, unless necessary, closes an exploitable gap.

5. Turn Off Wi-Fi When Inactive
Inactive Wi-Fi is impervious to hacking. Switching off your router during periods of inactivity eliminates immediate threats and prevents unauthorized usage by neighbors.

6. Fortify Wi-Fi Security Settings
Private Wi-Fi networks offer substantial user and security controls. Activation of multiple security features is advisable. Layers of security present formidable challenges for criminals attempting unauthorized entry.

In conclusion, while discussions often center on the vulnerability of public Wi-Fi networks, it's vital to recognize that private networks are not immune to hacking. Understanding the tactics employed by cybercriminals, recognizing breach indicators, and implementing comprehensive security measures are pivotal in safeguarding your Wi-Fi network and personal data.
Read more »
Wi-fi
Cyber Security Drone Network Protocol User Privacy Wi-fi

A Newly Discovered Bug Allows Researchers to See through Walls

 

Cybersecurity researchers at the University of Waterloo in Ontario have designed a drone-powered tool that employs WiFi networks to infiltrate barriers. 

Called Wi-Peep, the device was created by researchers Ali Abedi and Deepak Vasisht utilizing a drone purchased at a store with $20 worth of cheap components. 

According to the study presented at the 28th Annual International Conference on Mobile Computing and Networking, Wi-Peep launches a “location-revealing privacy attack” to exploit the data in WiFi networks and employs it to “see through walls,” or, rather, approximate the location of devices via sneaky scanning. 

Modus operandi 

With an abundance of Wi-Fi connections, any small vulnerability can damage user privacy. The Wi-Peep device exploits loopholes in the IEEE 802.11 - a longstanding wireless protocol for local access networks - to draw out responses from devices in a wireless network. 

First, the Wi-Peep spoofed a beacon frame, causing all devices to immediately send a response that the Wi-Peep detected and used to determine all devices’ MAC addresses. After identifying the MAC addresses, the Wi-Fi deploys an unencrypted data packet to the victim’s device. Without proper encryption, this packet could not control the device; however, thanks to “Polite Wi-Fi,” the device deploys a confirmation, regardless of the contents of the packet. 

This confirmation effectively closes the loop between Wi-Peep and the target device, allowing Wi-Peep to spot the device’s location employing a time-of-flight (ToF) measurement combined with the localization model. The measurements precisely determine the device's position with around a meter of accuracy, making it a disturbingly effective localization technique. 

Abedi and Vasisht worry that a hacker armed with this device could potentially “infer the location of home occupants, security cameras, and home intrusion sensors.” 

During their presentation, researchers stated the device can be employed to “track the movements of security guards inside a bank by following the location of their phones or smartwatches. Likewise, a thief could identify the location and type of smart devices in a home, including security cameras, laptops, and smart TVs, to find a good candidate for a break-in. In addition, the device’s operation via drone means that it can be used quickly and remotely without much chance of the user being detected.”
Read more »
Wi-fi
Coronavirus Cyber Attacks Cyber Security Wi-fi

A New and Amazingly Simple Device in an Era of Pandemics to Protect Your Privacy



A period of pandemics and social distancing sent more people than ever into the work-from-home world. These new realities mean average consumers at home wound up confronted with yet another problem. 

A considerable lot of their household internet setups came up short on the security and protection of bigger workplace setups that incorporate upgraded cybersecurity and firewalls. Here steps in a new and incredibly simple on-hand device to plug those privacy gaps at the source. 

The Firewalla cybersecurity unit hit the market before anyone even realized what a coronavirus was. Nobody could've envisioned how ideal its feature would be. It was initially expected to prevent the 'creep next door' from redirecting the user's Wi-Fi sign or taking advantage of their home security cameras. 

The device is made to shield all devices on the system from cyberattacks and alert the user when anything worrying is to such an extent as endeavored. When the user purchases the unit and assigns out its guard duty, there's no monthly fee. 

The magic device additionally comes with a rather one of a kind feature through which it constructs a personal online firewall, there's the "Family Time Social Hour" ability that totally blocks every single social media platform for each hour in turn. 

Regardless of whether the user needs to compel everybody to complete some work or ground kids in some face-to-face interaction, a world without Twitter or Facebook for an hour is indeed a brilliant place. 

Apart from this addition keeping the user's private messages, documents, and other online behavior behind their home's own readymade firewall, this little blue box empowers monitoring of any minor's Wi-Fi use. 

Parents can likewise utilize Firewalla to keep out unwanted sites and online networking intruders. 

Nonetheless, the devices are pretty simple to set up and ready to improve personal and home-based situated online security in numerous ways, the Firewalla is a sensibly evaluated and viable choice for ensuring online privacy regardless of whether your home hasn't become a base for pandemic-time homebound work. 

The Firewalla Blue comes with 500Mb processing power, while the more affordable Firewalla Red offers 100Mb and sells for $109. As of now, only Firewalla Red is accessible at Amazon. Nonetheless, both the versions remain accessible and in stock at the Firewalla website.


Read more »
Wi-fi
Black hat Cybersecurity Spectra Wi-fi

New Spectra Attack that breaks the division between Wi-Fi and Bluetooth to be released at Black Hat Security Conference


The developers call it "Spectra." This assault neutralizes "combo chips," specific chips that handle various kinds of radio wave-based remote correspondences, for example, Wi-Fi, Bluetooth, LTE, and others. The attack system is set to release in August at the Black Hat Security Conference in a virtual session. The full academic paper with all details will also be published in August. The researchers teased a few details about the attack in an upcoming Black Hat talk, "Spectra, a new vulnerability class, relies on the fact that transmissions happen in the same spectrum, and wireless chips need to arbitrate the channel access."


The Spectra assault exploits the coexistence mechanism that chipset merchants incorporate within their devices. Combo chips utilize these systems to switch between wireless technologies at a quick pace. Specialists state that while this coexistence mechanism speeds execution, they likewise give a chance to attackers for side-channel assaults. Jiska Classen from Darmstadt Technical University and Francesco Gringoli researcher from the University of Brescia state that they are the first to explore such possibility of using the coexistence mechanism of Combo chips to break the barrier between Wireless.

"We specifically analyze Broadcom and Cypress combo chips, which are in hundreds of millions of devices, such as all iPhones, MacBooks, and the Samsung Galaxy S series," the two academics say. "We exploit coexistence in Broadcom and Cypress chips and break the separation between Wi-Fi and Bluetooth, which operate on separate ARM cores." Results change. However, the research group says that specific situations are possible after a Spectra assault. "In general, denial-of-service on spectrum access is possible.

The associated packet meta-information allows information disclosure, such as extracting Bluetooth keyboard press timings within the Wi-Fi D11 core," Gringoli and Classen said. "Moreover, we identify a shared RAM region, which allows code execution via Bluetooth in Wi-Fi. It makes Bluetooth remote code execution attacks equivalent to Wi-Fi remote code execution, thus, tremendously increasing the attack surface." Though the research used Broadcom and Cypress chips for Spectra attacks, the researchers Gringoli and Classen are sure that this attack will work on other chips.
Read more »
Subscribe to: Posts (Atom)