New Wi-Fi Exploit Can Hijack Your Device! Here’s How to Protect Yourself
A group of researchers has recently uncovered a new Wi-Fi exploit that poses a significant security threat to iOS, Linux, and Android devices. The flaw in question is rooted in the fundamental design of the IEEE 802.11 Wi-Fi standard, which is utilized by the vast majority of Wi-Fi networks worldwide.
The newly discovered exploit leverages the power-saving feature of the base station to circumvent Wi-Fi encryption and intercept network traffic on hotspot-like networks. To carry out the attack, the perpetrator must first forcibly disconnect the user device before it connects to the network. They then need to spoof the MAC address of the target device and use its credentials to gain access and get a response. Once accomplished, the attacker can access network data in plaintext or unencrypted form. The exploit can also be utilized for a “context override attack,” which thwarts clients from attacking each other.
The method is particularly effective against public hotspots that are often protected by Passpoint, and attackers can use it to authenticate the user with their phone’s SIM card. Even those who have WPA2 or WPA3 routers on their home networks and have the “client isolation” feature enabled are not safe from the exploit.
To protect oneself from this vulnerability, users can download the open-source tool called MacStealer, which lets them know if the new exploit affects their Wi-Fi network. Cisco recommends that network administrators use policy enforcement mechanisms and transport layer security to encrypt the data.
One can also enable the MAC Address Randomization feature, which is already available on most devices, to provide an extra layer of security. The feature applies a randomized MAC address, which is a device-specific 12-character number. By enabling MAC Address Randomization, the original MAC address on the network is masked, making it more challenging for attackers to carry out the attack. However, this is not a foolproof solution since network providers can disable it. Researchers suggest that it is currently the best way to patch the exploit.
To enable the MAC Address Randomization feature, users should go to their router settings and enable it from there. They may need to look up the router’s model number and settings on the internet since the feature depends on the Wi-Fi router’s model and manufacturer.
In conclusion, the new Wi-Fi exploit poses a severe security threat to a broad range of devices worldwide. To protect themselves, users can use tools like MacStealer, enable MAC Address Randomization, and use policy enforcement mechanisms and transport layer security to encrypt their data. By following these measures, users can minimize the risk of falling victim to this new Wi-Fi exploit.