BTC $65266.0064
ETH $3170.2759
BNB $579.9567
SOL $151.5810
stETH $3170.3792
XRP $0.5307
DOGE $0.1622
TON $6.2152
ADA $0.5047
AVAX $37.5087
wstETH $3690.1011
WBTC $65350.8728
DOT $7.1858
WETH $3168.2550
TRX $0.1112
BCH $512.3933
LINK $14.9136
MATIC $0.7262
ICP $15.2978
UNI $7.8248
LTC $85.1449
DAI $1.0008
RNDR $9.1190
CAKE $2.9399
IMX $2.1935
STX $2.8650
ETC $27.9082
FDUSD $0.9998
MNT $1.2003
NEAR $6.3271
FIL $6.6129
OKB $55.7832
HBAR $0.0909
TAO $475.1056
VET $0.0423
WIF $3.0785
ATOM $8.6865
MKR $3070.6157
KAS $0.1185
FET $2.4759
GRT $0.2860
INJ $29.1371
PEPE $0.0000
USDE $0.9998
XLM $0.1150
THETA $2.2569
XMR $121.6010
BTC $65266.0064
ETH $3170.2759
BNB $579.9567
SOL $151.5810
stETH $3170.3792
XRP $0.5307
DOGE $0.1622
TON $6.2152
ADA $0.5047
AVAX $37.5087
wstETH $3690.1011
WBTC $65350.8728
DOT $7.1858
WETH $3168.2550
TRX $0.1112
BCH $512.3933
LINK $14.9136
MATIC $0.7262
ICP $15.2978
UNI $7.8248
LTC $85.1449
DAI $1.0008
RNDR $9.1190
CAKE $2.9399
IMX $2.1935
STX $2.8650
ETC $27.9082
FDUSD $0.9998
MNT $1.2003
NEAR $6.3271
FIL $6.6129
OKB $55.7832
HBAR $0.0909
TAO $475.1056
VET $0.0423
WIF $3.0785
ATOM $8.6865
MKR $3070.6157
KAS $0.1185
FET $2.4759
GRT $0.2860
INJ $29.1371
PEPE $0.0000
USDE $0.9998
XLM $0.1150
THETA $2.2569
XMR $121.6010
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Vulnerability in the underlying Wi-Fi protocol allows attackers to intercept network traffic

    Cybersecurity researchers have discovered a fundamental security flaw in the design of the IEEE 802.11 Wi-Fi protocol standard, introduced back in 1997. Vulnerability CVE-2022-47522 allows attackers to trick access points into transmitting so-called "network frames" in unencrypted form, available for interception.

    Wi-Fi frames are data containers consisting of a header, data payload, and other information including the source and destination MAC address, and control data. These frames are queued and transmitted in a controlled manner to avoid collisions and maximize communication performance.

    Researchers have found that buffered frames are not sufficiently secure against hackers. As a result, the latter can manipulate data transfer, spoof clients, redirect and capture data frames.

    The root of the vulnerability lies in the fact that the IEEE 802.11 standard includes power saving mechanisms that allow Wi-Fi devices to save power by buffering or queuing frames destined for idle devices.

    When a receiving device on a Wi-Fi network enters standby mode, it sends a frame to the access point (router) with a header containing a power save bit. Since the device is temporarily unavailable, all frames destined for it are queued. But as soon as the device wakes up and transmits a wake-up bit, the access point removes the buffered frames from the queue, applies encryption, and transmits them to the destination.

    Malefactors can interfere with this process by means of special software tools. The researchers called their tool that performs this function "MacStealer" (not to be confused with the malware of the same name for MacOS). So, potential hackers can manually “put to sleep” a device connected to the network, thereby creating a queue of frames that the router will later transmit to it. And then change the security context of the frames and force the access point to transmit the accumulated frames in plain text (without encryption) or encrypt them with its own key. When everything is ready, the attackers send a wake-up bit to the access point, and the frames intended for the target device “fly away” to it in the form in which hackers can easily read these frames.

    The researchers report that Lancom, Aruba, Cisco, Asus, and D-Link network device models are susceptible to this kind of attack. The full list is below.

    These attacks can also be used to inject malicious content into TCP packets. "This could, for example, be abused to send malicious JavaScript code to the victim over unencrypted HTTP connections in order to exploit vulnerabilities in the client's browser," the researchers say.

    The first network equipment vendor to acknowledge the impact of this vulnerability was Cisco. The attacks described in the study can be successful against Cisco Wireless Access Point products and Cisco Meraki products with wireless capabilities. However, Cisco believes that received frames are unlikely to compromise the overall security of a properly secured network.

    To mitigate even the slightest security risk associated with this vulnerability, Cisco recommends that you implement transport layer security to encrypt data in transit. Because it will make the received data unusable by an attacker.

    Currently, there are no known cases of malicious use of the vulnerability discovered by researchers. But given the enormous scale of the distribution of the IEEE 802.11 protocol, the researchers themselves showed cybercriminals a new path to access confidential user data.

    In the near future, we can safely expect the emergence and spread of the attacks described in the study, because it will not be possible to release a patch fix for all existing Wi-Fi equipment. The same Cisco, mentioned above, often simply refuses to spend time updating old unsupported devices, even if the identified vulnerabilities are truly critical.

    Author DeepWeb
    Two-factor authentication and possible ways to bypass it
    New malware from Chinese hackers targeting Linux servers

    Comments 0

    Add comment