A team of security researchers discovered a vulnerability that could allow hackers to parse and unencrypt wi-fi traffic in as many as a billion devices, worldwide. Click To Tweet The vulnerability is known as Kr00k (in English, that sounds aptly named).
Technologies like phones, laptops, smart speakers and routers are liable to be affected.
The issue with Kr00k is that it can cause vulnerable devices to switch to an all-zero encryption key.
“Normally, the encryption algorithms employed by Wi-Fi devices use long, complex keys that are hard to crack. Zeroing out the entire key effectively renders that encryption useless, offering about as much protection to your network activity as a PIN of 0000 would to the sensitive data on your phone.”
Wi-fi manufacturers have been appropriately notified regarding affected chips, and patches have been released.
Be sure that your devices have the latest patches. For those who receive automatic patches, your devices are likely secure.
The details of this story were announced at San Francisco’s RSA conference last week. More details on this story from Forbes.