WPA-2 Injection alert

ATHF
ATHF Member Posts: 6
First Anniversary First Comment Photogenic

Not sure if anyone has read this, but if that's just a batch, I wonder who else is at risk, and in Fing can help if they don't offer updates.

https://www.techradar.com/news/your-wireless-router-could-be-hacked-if-you-have-this-vulnerability

Robin_from_FingMarc

Best Answer

  • GaoGao
    GaoGao Member Posts: 30
    10 Comments First Answer Name Dropper Photogenic
    edited October 16, 2020 #2 Accepted Answer
    Marc said:
    Home networks are hacked, for bot placements, malicious mischief etc...  Let's also not forget recent covid related work from home postures and the increased value a hacker can glean from attacking a home network because of this.
    To exploit this flaw the hacker needs to be at very close range (about maximum 50m for 2.4Ghz, and 15m for 5Ghz) this is impractical to create a botnet and pretty risky for the hacker. They are many others easiest attack vectors (remote ones) than this one in hackers tools box. It is just one tool, possible of course but useful only for a very targeted attack. If some home user is valuable enough to be targeted in such precise and aggressive way this flaw is the least of her/his worries.
    If you can't explain it simply, you don't understand it well enough.

Answers

  • Marc
    Marc Moderator, Beta Tester Posts: 2,677
    1,000 Likes 2500 Comments 100 Answers 250 Awesomes
    ✭✭✭✭✭✭
    Thanks for this @ATHF...  I wish they would have published a comprehensive list of vulnerable devices. Following a links from the source and they did identify a few routers that are vulnerable.  https://www.synopsys.com/blogs/software-security/cyrc-advisory-sept2020/?cmp=pr-sig&utm_medium=referral

    Kind of good news is that patches for the identified units will be coming...  Of course no ETA...

    I guess if folks are curious, they could Google their routers Chipsets to see if it affects them.
    Thats Daphnee, she's a good dog...
  • ATHF
    ATHF Member Posts: 6
    First Anniversary First Comment Photogenic
    I agree, I hope someone is trying it on other routers, not much info on them in the article.
  • Jairo0784
    Jairo0784 Member Posts: 2
    First Comment
    Hola buenas noches, alguien me puede explicar el significado de el color verde y el color azul en la lista de conectados a mi red
  • GaoGao
    GaoGao Member Posts: 30
    10 Comments First Answer Name Dropper Photogenic
    Interesting, seems pretty easy. I did a random quick check, all these chipsets and routers seems 5 and more years old and probably not much in use anymore. But it also means reaching the manufacturer end-of-live and not updated anymore. These are home routers, for businesses the risk is nearly zero and I don't see a hacker spending much time on this trying to compromise a low value target as a home network. So a curiosity, but I do not have a router with these chipset to test this.
    If you can't explain it simply, you don't understand it well enough.
  • Marc
    Marc Moderator, Beta Tester Posts: 2,677
    1,000 Likes 2500 Comments 100 Answers 250 Awesomes
    ✭✭✭✭✭✭
    Home networks are hacked, for bot placements, malicious mischief etc...  Let's also not forget recent covid related work from home postures and the increased value a hacker can glean from attacking a home network because of this.
    Thats Daphnee, she's a good dog...
  • Marc
    Marc Moderator, Beta Tester Posts: 2,677
    1,000 Likes 2500 Comments 100 Answers 250 Awesomes
    ✭✭✭✭✭✭
    Ah, thanks for the clarification.  Agreed probably would not worth the effort for anything but a highly desirable target....
    Thats Daphnee, she's a good dog...
  • ATHF
    ATHF Member Posts: 6
    First Anniversary First Comment Photogenic
    Thank you all for your responses, yes it seems it is older chipsets that are vulnerable. Thanks for your digging into it, as much as you can.
    I just try to be a secure as possible, and I have a lot of free time on my hands, so I am a beta tester for other companies. So I've got 3 Fingboxes (different subnets), and a Security Onion VM scanning everything going out and in. Not paranoid, just love technology!
    Thanks again!
    Marc