Fabian Antunes

KRACK Attack

Discussion created by Fabian Antunes on Oct 16, 2017
Latest reply on Oct 16, 2017 by Dameon Welch-Abernathy

As we are living the "fallout" from the recently disclosed KRACK (Key Reinstallation AttaCK) vulnerabilities, I would like to know if anyone has any additional information or insights about it and also what Check Point has to say about it... 

 

KRACK is an attack that targets the WPA2 (Wi-Fi Security Protocol) 4-way handshake and allows the attacker to do many nasty things like MITM, SSL strip, inject malicious data into communications, etc. The big issue here is that almost every implementation of WPA2 is affected, so all(most) of our Wi-Fi enabled devices (including our loved IoT) are at risk.

 

Details about the KRACK (official website):

KRACK Attacks: Breaking WPA2 

POC Video:

KRACK Attacks: Bypassing WPA2 against Android and Linux - YouTube 

 

Any additional thoughts here are welcome, including advisories about mitigations and what to do.

 

Thank you.

Outcomes