Wi-Fi ‘virus’ could be used to attack wireless access points

Share This Post

Dense concentrations of Wi-Fi access points and routers in large cities could be attacked by malware able to spread silently from node to node, researchers at the University of Liverpool have shown for the first time.

In the experiment conducted by Jonny Milliken, Valerio Selis and Professor Alan Marshall, a specially-crafted virus called ‘Chameleon’ was pitted against a range of common access points with poorly-secured management interfaces (i.e. using default passwords). Once access had been achieved, Chameleon then attempted to take control of the device by re-flashing its firmware with a replacement, open source OpenWrt.

Attackers gaining control in this way would be able to monitor traffic for credentials or other data but the team’s real discovery was that Chameleon would also be able to spread and infect other routers in its neighbourhood in a manner similar to an “airborne virus.”

Having proved the concept in the lab, the team modelled the attack against the sort of Wi-Fi density found in two cities, Belfast and London, finding that even using an infection rate of five to ten percent, Chameleon would be able to infect several thousand access points within a few months.

Outbreak…and resistance

Although this sounds like a small number and a long timescale, in a large city each one of these access points could be serving anything from a handful to many thousands of people, so attackers would have gained access to potentially large amounts of valuable data.

Most striking of all, because many access points are left untouched and unmanaged, the attack would be hard to detect. Access points using encryption would offer a small challenge to the extent that re-flashing them would destroy the embedded key. This would need to be captured first.

The team doesn’t reveal which brands or classes of access point or router were vulnerable to Chameleon but were in no doubt that the re-flashing attack would work in the real world.

“In some cases it will work, in some cases it will fail; some are resilient against it, some are not,” Professor Alan Marshall told Techworld.

“It was assumed that it wasn’t possible to develop a virus that could attack WiFi networks but we demonstrated that this is possible and that it can spread quickly. We are now able to use the data generated from this study to develop a new technique to identify when an attack is likely,” said Marshall.

Attack the weakest (access) points

“Whilst many APs are sufficiently encrypted and password protected, the virus simply moved on to find those which weren’t strongly protected including open access WiFi points common in locations such as coffee shops and airports.”

According to Marshall, the solution is to embed intrusion prevention technology into access points, something he was pursuing through Queen’s University Belfast spin-out, Traffic Observation and Management.

The research highlights the unprotected state of router/access point technology, which rely on correctly-configured encryption and management to keep out attackers. But there is growing evidence that even without direct wireless attacks, these devices are riddled with vulnerabilities.

Only days ago, a study by security firm Tripwire found most of the top 50 best-selling home routers had software flaws that would allow a remote attacker to gain control of the device even if it was secured.

Stay Ahead: Join the EwtNet Insider Email Club!

Stay informed and up-to-date with EwtNet's email subscription. Join our exclusive community and receive curated news, updates, and insights tailored to your interests.

Related Posts

AMD releases game-changing Mantle support in new Catalyst beta driver

AMD has released the latest beta driver of its...

What if I want to Stick with Windows XP? Here is what to do!

Is longer a secret, it's been over a decade...

Use 2go, BBM & Whatsapp on your Windows PC or Mac

Although future generations of PCs are likely to be...

What is Benchmarking? How to Benchmark Your PC for Free

Benchmarking is the standard by which a PC's...

Trend Micro Hijackthis Review & Free Download

HijackThis is a security tool which generates logs with...

Nifty Windows 10’s keyboard shortcuts

Windows 10 adds all sorts of nifty new features designed to appeal to PC power users, but it also includes some nifty newcomers that you can’t actually see—fresh keyboard shortcuts!
- Advertisement -

Discover more from EwtNet

Subscribe now to keep reading and get access to the full archive.

Continue reading