Don’t Look Now But Someone Just Cracked WPA2 WiFi Security

Wireless security has always been something of a problem. Basic WEP encryption, for example, has been beaten so soundly that it’s a wonder device makers even offer it as a security option anymore. Fortunately, we’ve had WiFi protected access 2 (WPA2) keeping our networks safe--but perhaps no longer.

According to Phys.org, researchers at universities in the UK and Greece discovered a way to crack WPA2, and apparently it’s not all that difficult.

ASUS router
ASUS RT-N66U router

The researchers published their work in the International Journal of Information and Computer Security, where they outlined how WPA2 protection can be compromised. Hackers can use a brute force password attack to exploit a network, although the longer and more complex the password, the longer it takes.

Further, during a de-authentication step wherein network devices must re-authenticate with a new encryption key, there’s a temporary backdoor left open. With the right tools, a hacker can locate and exploit that back door. Also, MAC addresses can apparently be spoofed when a network admin restricts access to devices with specific identifiers.

So happy weekend folks, there’s something else for you to worry about.
Via:  Phys.org
Comments
acarzt 9 months ago

This only applies to WPA2-PSK which just uses a password... and considering all brute force is, is guessing passwords... well obviously brute force could eventually guess the right password... also MAC spoofing is an obvious one and any wireless guy who actually knows what he's doing isn't going to waste his time with mac filtering. It's about as useful as hiding the SSID.

Now WPA2-Enterprise is a whole different story. it will be much more difficult to hack into that network, depending on how you set it up. With user authentication the hacker would need a username AND password and in some cases a certificate.

JordanRussell 9 months ago

What did they have to publish their findings? Wankers.

BrianBarber 9 months ago

This isn't really new news, I've been cracking WPA2 for years in one of my demonstrations..

ScottPetricig 8 months ago

BrianBarber - I'm just curious, were you using the WPS weaknesses or some other method?

JennyMason 9 months ago

Why has Facebook seen fit to post related links to instructional videos/articles on how to do it beneath this article? *facepalm*

MistedHeart 9 months ago

Seems interesting till now, in order to crack networks running wpa2 you have to exploit a vulnerability in WPS.

KojoFosuKoranteng 9 months ago

Good news

JaakkoNikinoja 9 months ago

Bah, nothing new. It was already known fact that WPA2 encryption was hacked years ago(Don't remenber where was it, but that's certain it was brute force attack), only known encryption that isn't yet broke is AES, but it WILL be in next 5 years and someone have said that it already done the hacking agaist AES have been successfully. So it wasn't new to me sorry

JMeloni 9 months ago

years ago..

JefferyPruett 9 months ago

Im wondering why would people use WPA2-PSK when people could use WPA enterprise for a more secure network unless its commonly used only for hospitals or major companies etc.

sevags 9 months ago

Why is the image displayed an Asus router?! I have an ac66 so not exactly the same as mine but it doesn't make me feel any more comfortable LOL.

Why does a brute force password attack work? wouldn't the router locking you out after several failed attempts help to stock this stop of attack from being successful?

LeeThorley 9 months ago

Old news

JohnPlummer 9 months ago

it was cracked when they releases the parallel processors on a gpu. it took 10 to do it.

KevinStegall 9 months ago

Mac filtering is better than WPA2 . Get PHLAK and run Air Snort it deciphers the data packets to find out the pas phrase

BruceRegael 9 months ago

So many misconceptions in the comments. It's mind boggling.

MitchellPlah 8 months ago

Oh no!

Post a Comment
or Register to comment