EXPERTS have raised the alarm on a Wi-Fi hack known as ‘kr00k’ that can expose your search history.
It comes as the US’ Federal Bureau of Investigation (FBI) warns people against using public internet networks.
1
Fraudsters tend to prey on the weaker security and bigger victim pool that comes with shared Wi-Fi.
“Preventing internet-enabled crimes and cyber intrusions requires each of us to be aware and on guard,” the FBI wrote in a recent announcement.
“Be careful when connecting to a public Wi-Fi network and do not conduct any sensitive transactions, including purchases, when on a public network.”
Experts Mathy Vanhoef, Domien Schepers and Aanjhan Ranganathan have described the kr00k hack as a Wi-Fi “design flaw” in a recent paper.
Information about a network’s management, control and data is documented in what’s known to experts as Wi-Fi frames.
These frames will be queued and buffered so that they’re sent to access points at appropriate times.
Access points are devices similar to the broadband router you have at home, but is designed for local wireless networks that are often found in train stations, airports, shopping centres and hotels.
However, hackers can intercept these frames when they are buffering, according to the three researchers.
Most read in Tech
This means they can get a text-based breakdown of their victims browser history on almost all devices.
Cyber criminals can evade the security blockades on Windows and Mac computers, as well as iPhone and Android devices.
“The unprotected nature of the power-save bit in a frame’s header, which our work reveals to be a fundamental design flaw, also allows an adversary to force queue frames intended for a specific client resulting in its disconnection and trivially executing a denial-of-service attack,” the researchers explained in their paper, which will be presented at the Usenix Security Symposium later this year.
The snoop would have to be in radio range of the wireless devices, be it your iPhone or Windows PC, to exploit the security flaw.
In some cases, hackers may also need to be connected to the same network as you, or at least have the ability to join it.
While privacy should be a given when using Wi-Fi, American technology giant Cisco noted that the “information gained by the attacker would be of minimal value.”
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
