A recent study by cybersecurity researchers in Belgium and the US revealed a new type of Wi-Fi attack that can bypass encryption by manipulating transmit queues. The researchers named the attack "Framing Frames," and found that it can release queued-up network packets without encryption or with a new session key that attackers choose for the purpose.
The research revealed that when a Wi-Fi user disconnects from the network temporarily, access points save any reply packets that arrive for requests that were still unanswered at the time the device powered down or went out of range. However, the researchers discovered that active adversaries could shake loose some queued-up data from access points. The queued-up data was stored in decrypted form, anticipating that it might need to be re-encrypted with a new session key for delivery later on.
One of the attacks involved tricking access points into releasing queued-up network packets either without any encryption or with a new session key that the attackers chose for the purpose. The researchers found that numerous access points didn’t worry about the fact that queued data that was originally requested in an encrypted format was now being released in unencrypted form, and so at least some data would leak out.
To mitigate the risk of the attack, access point developers should use the 5.6 kernel or later if their access points run on Linux. Developers should also flush traffic queues on key changes and refuse to re-encrypt queued data received under the old key. Hotspot users can minimise the amount of unencrypted traffic they send by adding an additional layer of application-level encryption, such as HTTPS for web browsing and DNS-over-HTTPS for DNS requests.
In conclusion, the study highlights the importance of understanding Wi-Fi security vulnerabilities and proactively taking measures to safeguard against attacks. It is crucial to use the latest security updates and employ best practices for securing Wi-Fi networks to prevent attackers from exploiting vulnerabilities.
0 Comments