Client Login


Wednesday, October 18, 2017 | BY: Giaspace

Mathy Vanhoef discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.

The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.

The research behind the attack will be presented at the Computer and Communications Security (CCS) conference, and at the Black Hat Europe conference. Our detailed research paper can already be downloaded.

As a proof-of-concept we executed a key reinstallation attack against an Android smartphone. In this demonstration, the attacker is able to decrypt all data that the victim transmits. For an attacker this is easy to accomplish, because our key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher. This is because Android and Linux can be tricked into (re)installing an all-zero encryption key (see below for more info). When attacking other devices, it is harder to decrypt all packets, although a large number of packets can nevertheless be decrypted. In any case, the following demonstration highlights the type of information that an attacker can obtain when performing key reinstallation attacks against protected Wi-Fi networks:


Credit goes to:

Recent Posts

Today the FCC Voted 3/2 to remove regulation on the Monopoly of Internet providers in the USA...

Disclosure: This article is not political, nor picking political sides.  Today the FCC Voted 3/2 to remove regulation on the…

Thursday, December 14, 2017

Ransomware Shut Down a Whole North Carolina County

I saw that North Carolina decided not to pay the Ransomware to get their systems back online and will be…

Friday, December 8, 2017

Comcast Internet Outage Nationwide

As a private cloud provider, we need to make sure we limit downtime for our clients.  Today we received a…

Monday, November 6, 2017


Mathy Vanhoef discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range…

Wednesday, October 18, 2017

There is Always Someone Cheaper

It’s true: There is always someone who will do it cheaper. The image above is one that had resonated with…

Wednesday, October 18, 2017

How to Prevent Ransomware And Discourage Data Kidnappers

If the thought of malware is scary, then the idea of ransomware is downright terrifying. A Trojan might steal sensitive…

Tuesday, October 10, 2017

Tech Tools

Test an HTTPS Secured Web Server This free SSL / TLS web server testing tool conducts a thorough analysis of…

Monday, September 4, 2017

Cyber Security Presentation 2017

Monday, September 4, 2017

Ransomware Checklist

Credit goes to KnowBe4

Wednesday, February 22, 2017

HIPAA Supporting Worksheets

A set of individual documents are provided to show detailed information and the raw data the backs up the Evidence…

Thursday, February 16, 2017

Trusted By

Free Consultation 866-442-7723

Partners & Certifications