Early this morning, the SANS Internet Storm Center and other security sites shared proof-of-concept information for a new Wireless Security attack called “KRACK” (Key Reinstallation Attacks).   Some early links include:

https://isc.sans.edu/forums/diary/WPA2+KRACK+Attack/22932/

https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/

https://www.wired.com/story/krack-wi-fi-wpa2-vulnerability/

https://www.krackattacks.com/

https://papers.mathyvanhoef.com/ccs2017.pdf

Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting.

The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. The research has been a closely guarded secret for weeks ahead of a coordinated disclosure that was scheduled for 8am Monday, East Coast time. A website disclosing the vulnerability said it affects the core WPA2 protocol itself and is effective against devices running the Android, Linux, macOS, Windows, and OpenBSD operating systems, as well as MediaTek Linksys, and other types of devices. The site warned attackers can exploit it to decrypt a wealth of sensitive data that’s normally encrypted by the nearly ubiquitous Wi-Fi encryption protocol.

The researcher went on to say that the weakness allows attackers to target both vulnerable access points as well as vulnerable computers, smartphones and other types of clients with differing levels of difficulty. Neither Windows nor iOS aren’t believed to be vulnerable to the most effective attacks. Linux and Android appear to be more susceptible, because attackers can force network decryption on clients in seconds with little effort. Vanhoef said clients can be patched to prevent attacks even when connected to vulnerable access points. Linux patches are available but it’s not immediately clear when they will become available for various distributions and for Android users. Patches are also available for some but not all Wi-Fi access points.