Kr00k Wi-Fi flaw exposes a billion devices to hackers

Seth Rosenblatt -

SAN FRANCISCO—Encryption is great for protecting data in transit, unless that data is encrypted in all zeroes.

Unfortunately, that’s exactly what a newly revealed Wi-Fi chip vulnerability does, according to ESET researchers, who disclosed the flaw yesterday at the RSA Conference here.

The vulnerability puts more than 1 billion consumer devices at risk, including Apple iPhones, iPads, and Macs, Amazon Echoes and Kindles, Samsung Galaxy phones and tablets, Raspberry Pi 3s, older Google Nexus phones, and some Wi-Fi routers made by Asus and Huawei.

READ MORE ON WI-FI SECURITY:
How Wi-Fi router security has deteriorated since 2003
FBI’s router reboot call reminds us why to check for updates
Why hackers love your Wi-Fi (and how to protect it)
How to protect yourself when using airplane Wi-Fi
How to secure your home Wi-Fi

The ESET researches have dubbed the flaw Kr00k (officially CVE-2019-15126), because off its similarities to the earlier Key Reinstallation Attack, often referred to as KRACK.

This story was originally commissioned by Tom’s Guide. Read the full story here.