Welcome to the community! Read our posting tips, and learn how to earn ranks, levels and badges to get started.

Ask any devices or smart home question in the Devices/Security or Network Troubleshooting Categories.


Happy posting!

WPA-2 Injection alert

ATHFATHF Member Posts: 6
First Anniversary First Comment Photogenic
in Devices & Security

Not sure if anyone has read this, but if that's just a batch, I wonder who else is at risk, and in Fing can help if they don't offer updates.

https://www.techradar.com/news/your-wireless-router-could-be-hacked-if-you-have-this-vulnerability

RobinMarc

Best Answer

  • GaoGaoGaoGao Member Posts: 30
    10 Comments First Answer Name Dropper Photogenic
    edited October 2020 Accepted Answer
    Marc said:
    Home networks are hacked, for bot placements, malicious mischief etc...  Let's also not forget recent covid related work from home postures and the increased value a hacker can glean from attacking a home network because of this.
    To exploit this flaw the hacker needs to be at very close range (about maximum 50m for 2.4Ghz, and 15m for 5Ghz) this is impractical to create a botnet and pretty risky for the hacker. They are many others easiest attack vectors (remote ones) than this one in hackers tools box. It is just one tool, possible of course but useful only for a very targeted attack. If some home user is valuable enough to be targeted in such precise and aggressive way this flaw is the least of her/his worries.
    If you can't explain it simply, you don't understand it well enough.

Answers

  • MarcMarc Moderator, Beta Tester Posts: 2,156
    100 Answers 1000 Comments 500 Likes 250 Agrees
    ✭✭✭✭✭✭
    Thanks for this @ATHF...  I wish they would have published a comprehensive list of vulnerable devices. Following a links from the source and they did identify a few routers that are vulnerable.  https://www.synopsys.com/blogs/software-security/cyrc-advisory-sept2020/?cmp=pr-sig&utm_medium=referral

    Kind of good news is that patches for the identified units will be coming...  Of course no ETA...

    I guess if folks are curious, they could Google their routers Chipsets to see if it affects them.
    Thats Daphnee, she's a good dog...
  • ATHFATHF Member Posts: 6
    First Anniversary First Comment Photogenic
    I agree, I hope someone is trying it on other routers, not much info on them in the article.
  • Jairo0784Jairo0784 Member Posts: 2
    First Comment
    Hola buenas noches, alguien me puede explicar el significado de el color verde y el color azul en la lista de conectados a mi red
  • GaoGaoGaoGao Member Posts: 30
    10 Comments First Answer Name Dropper Photogenic
    Interesting, seems pretty easy. I did a random quick check, all these chipsets and routers seems 5 and more years old and probably not much in use anymore. But it also means reaching the manufacturer end-of-live and not updated anymore. These are home routers, for businesses the risk is nearly zero and I don't see a hacker spending much time on this trying to compromise a low value target as a home network. So a curiosity, but I do not have a router with these chipset to test this.
    If you can't explain it simply, you don't understand it well enough.
  • MarcMarc Moderator, Beta Tester Posts: 2,156
    100 Answers 1000 Comments 500 Likes 250 Agrees
    ✭✭✭✭✭✭
    Home networks are hacked, for bot placements, malicious mischief etc...  Let's also not forget recent covid related work from home postures and the increased value a hacker can glean from attacking a home network because of this.
    Thats Daphnee, she's a good dog...
  • MarcMarc Moderator, Beta Tester Posts: 2,156
    100 Answers 1000 Comments 500 Likes 250 Agrees
    ✭✭✭✭✭✭
    Ah, thanks for the clarification.  Agreed probably would not worth the effort for anything but a highly desirable target....
    Thats Daphnee, she's a good dog...
  • ATHFATHF Member Posts: 6
    First Anniversary First Comment Photogenic
    Thank you all for your responses, yes it seems it is older chipsets that are vulnerable. Thanks for your digging into it, as much as you can.
    I just try to be a secure as possible, and I have a lot of free time on my hands, so I am a beta tester for other companies. So I've got 3 Fingboxes (different subnets), and a Security Onion VM scanning everything going out and in. Not paranoid, just love technology!
    Thanks again!
    Marc
Sign In or Register to comment.