WI-FI MALWARE I was going through news articles this morning, trying to find something interesting to read when I came across an article about how some boffins at the University of Liverpool created a virus that affects unsecured (or poorly secured) Wifi Networks. I remember reading about a paper that was published sometime late 2013 that proposed a theory on the possibility of this virus and I wouldnt have thought, 5 months later they would have a working virus called Chameleon. In high density areas (i.e Lusaka, Copperbelt) where Wifi Networks are spread all over the place, if such a virus were deployed, within a period of 25 hours, it would be able to infect every Access Point without proper security or weak encryption algorithms like (WEP). When chameleon infects an Access Point, it replaces its firmware with itself and continues to allow network traffic to and from network clients and even accepts new connections. However, here is the shocking reality, if deployed by an eavedropper, it gives them the ability to stage a very elaborate man-in-the-middle attack, salvaging all network traffic originating from clients connected to that particular AP. What can you do? [1] If youre in an enterprise environment, stop using Signature-based Intrusion Prevention Systems and invest in an IPS/IDS with stateful packet inspection. [2] Give your Access Points some added security, i.e WPA2-PSK and make sure your shared key or network password is a proper Alphanumerical key
Posted on: Fri, 14 Mar 2014 05:56:19 +0000
Trending Topics
Recently Viewed Topics
© 2015