Næsten for nylig har en sikkerhedsforsker opdaget og rapporteret nye sårbarheder i WiFi -enheder kendt som FragAttacks . Disse er nye typer angreb, der udnytter designfejl i WiFi - standarden og påvirker de fleste WiFi -aktiverede enheder. Han har tidligere opdaget KRACK- angrebet, som dybest set påvirkede WPA2 -protokollen.

Hvad er FragAttacks?

FragAttacks term er opfundet med sætningen Fr agmentation og Ag gregation Attacks . Disse er sikkerhedstrusler, der er rettet mod WiFi -enheder. I disse angreb målretter angriberen grundlæggende en enhed, der er inden for rækkevidden af ​​dens WiFi-netværk,^{(within the range of its WiFi network)} og stjæler ofrets følsomme oplysninger (f.eks. adgangskode). Disse angreb påvirker alle de seneste WiFi -sikkerhedsprotokoller, inklusive WPA3 og WPA2^{(including WPA3 and WPA2)} . Hjemmeroutere, IoT , smartphones og mange andre enheder påvirkes af denne slags angreb.

Læs^(Read) : Sådan sikrer og beskytter du din WiFi-router^{(secure and protect your WiFi Router)} .

Designfejl i WiFi

FragAttacks udnytter flere sårbarheder i WiFi . De kan udføres på forskellige måder, herunder:

Angriberen kan injicere en ukrypteret WiFi -ramme i et sikkert WiFi -netværk. De kan bruge den første designfejl i WiFi - standarden, som er dens aggregeringsfunktion^{(aggregation)} . I dette er flaget " er aggregeret^{(is aggregated)} " i en ramme ikke valideret og kan nemt ændres. Derfor^(Hence) injicerer angriberen pakken og narrer offeret til at omdirigere ham til deres ondsindede server.

Den anden designfejl i WiFi er dens rammefragmenteringsfunktion^{( frame fragmentation)} og er kendt som et blandet nøgleangreb^{(mixed key attack)} . Fragmenterne fra samme ramme er krypteret med den samme nøgle, mens modtageren kan samle fragmenter igen med forskellige nøgler. En angriber kan bruge dette til at eksfiltrere ofrets data.

Den tredje designfejl er igen med rammefragmenteringsfunktionen i WiFi og kaldes fragment cache attack . Det, der sker, er, at WiFi -enheden ikke fjerner ikke-samlede fragmenter fra hukommelsen, når en bruger afbrydes fra et netværk. Dette kan udnyttes ved at injicere et ondsindet fragment i adgangspunktets hukommelse. Nu, når en bruger opretter forbindelse til WiFi -netværket og transmitterer en fragmenteret ramme, vil disse fragmenter blive samlet igen med angriberens injicerede ondsindede fragment.

Læs^(Read) : Sådan tjekker du, om din router er hacket^{(How to check if your Router is hacked)} .

FragAttacks Demo af Mathy Vanhoef:

Hvordan sikrer du din WiFi mod FragAttacks ?

Nogle standardpraksis kan hjælpe dig med at beskytte dit WiFi mod FragAttacks . Disse er:

1. Opgrader din enhed
2. Installer sikkerhedsopdateringer
3. Brug kryptering
4. Brug en VPN
5. Konfigurer en brugerdefineret DNS

1] Opgrader din enhed

Mathy Vanhoef siger i sin blog:

The biggest risk in practice is likely the ability to abuse the discovered flaws to attack devices in someone’s home network. For instance, many smart home and internet-of-things devices are rarely updated, and Wi-Fi security is the last line of defense that prevents someone from attacking these devices. Unfortunately, due to the discover vulnerabilities, this last line of defense can now be bypassed. In the demo above, this is illustrated by remotely controlling a smart power plug and by taking over an outdated Windows 7 machine.

Så hvis du bruger en ældre version af dine enheder, skal du opgradere dem. For eksempel, hvis du stadig bruger Windows 7/8 , er det det rigtige tidspunkt at opgradere til Windows 10^{(upgrade to Windows 10)} for at beskytte din enhed mod FragAttacks og andre nye sikkerhedsangreb.

Og hvis du bruger en gammel router, der ikke har nogen tilgængelige opgraderinger i lang tid, skal du overveje at skifte din router og få en ny. Du skal blot udskifte din enhed, hvis der ikke er regelmæssige firmwareopdateringer.

Læs^(Read) : Sådan repareres offentlige og hjemme-Wi-Fi-netværkssårbarheder.

2] Installer sikkerhedsopdateringer

Sørg altid for, at du har installeret sikkerhedsopdateringer på din enhed. Sikkerhedsopdateringer^(Security) hjælper dig med at beskytte dine enheder mod enhver ny sårbarhed og sikkerhedsangreb. Så fortsæt med at søge efter sikkerhedsopdateringer og installer dem, så snart de er tilgængelige. Selvom smartphones og andre moderne enheder automatisk downloader og installerer sikkerhedsopdateringer. Men tjek også manuelt for at sikre det samme.

I tilfælde af Windows 10 kan du installere sikkerhed og andre opdateringer ved at gå til Settings > Update og Security > Windows Update og se efter tilgængelige opdateringer og derefter downloade og installere dem på din pc.

Læs^(Read) : Wi-Fi-sikkerhedstip^{(Wi-Fi Security Tips)} : Forholdsregler ved offentlige hotspots^{(Public Hotspots)} .

3] Brug kryptering

Når du surfer online, skal du sikre dig, at du er på et sikkert websted med et HTTPS -certifikat ( Hypertext Transfer Protocol Secure ). Ikke bare det, brug kryptering hele tiden og overalt. Brug for eksempel en sikker applikation, der tilbyder ende-til-ende-kryptering til at overføre data mellem enheder. Husk FragAttacks^{(Remember FragAttacks)} opstår, når ukrypterede data sendes over et sikkert netværk. Så kryptering er et must.

4] Brug en VPN

Overvej at bruge en VPN-tjeneste,^{(using a VPN service)} da den kan give dig beskyttelse mod FragAttacks ved at dirigere din trafik gennem en krypteret forbindelse.

5] Konfigurer en brugerdefineret DNS

Du kan også konfigurere en brugerdefineret DNS manuelt i din router og andre enheder for at forhindre ethvert angreb, der omdirigerer dig til en ondsindet server.

FragAttacks er en ny samling af sårbarheder i WiFi -standarden, der sætter flere enheder i fare. En angriber inden for dit netværks rækkevidde kan udføre disse typer angreb, hvor han forsøger at stjæle dine data. Nogle grundlæggende sikkerhedspraksis kan dog hjælpe dig med at beskytte dit WiFi mod FragAttacks .

Du kan uddanne dig selv på FragAttacks ved at gå til fragattacks.com.

What are FragAttacks? How to secure your WiFi against FragAttacks?

Jυst about recently, a security researcher has discovered and reported new vυlnerabilitiеs in WiFi devices known аs FragAttacks. These are new types of attacks that exploit design flaws in the WiFi standard and affect most WiFi-enabled devices. He has previously discovered the KRACK attack which basically affected WPA2 protocol.

What are FragAttacks?

FragAttacks term is coined with the phrase Fragmentation and Aggregation Attacks. These are security threats that target WiFi devices. In these attacks, the attacker basically targets a device that is within the range of its WiFi network and steals the victim’s sensitive information (e.g., password). These attacks impact all recent WiFi security protocols including WPA3 and WPA2. Home routers, IoT, smartphones, and many other devices are affected by these kinds of attacks.

Read: How to secure and protect your WiFi Router.

Design Flaws in WiFi

FragAttacks take advantage of several vulnerabilities in WiFi. They can be carried out in various ways including:

The attacker may inject an unencrypted WiFi frame into a secure WiFi network. They can use the first design flaw in the WiFi standard which is its aggregation feature. In this, the “is aggregated” flag in a frame is not validated and can easily be modified. Hence, the attacker injects the packet and tricks the victim into redirecting him to their malicious server.

The second design flaw in WiFi is its frame fragmentation feature and is known as a mixed key attack. The fragments from the same frame are encrypted with the same key, while the receiver can reassemble fragments with different keys. An attacker can use this to exfiltrate the victim’s data.

The third design flaw is again with the frame fragmentation feature in WiFi and is called fragment cache attack. What happens is that the WiFi device doesn’t eliminate non-reassembled fragments from memory when a user is disconnected from a network. This can be exploited by injecting a malicious fragment into the access point’s memory. Now, when a user connects to the WiFi network and transmits a fragmented frame, those fragments will be reassembled with the attacker’s injected malicious fragment.

Read: How to check if your Router is hacked.

FragAttacks Demo by Mathy Vanhoef:

How to secure your WiFi against FragAttacks?

Some standard practices can help you protect your WiFi from FragAttacks. These are:

1. Upgrade your device
2. Install Security Updates
3. Use Encryption
4. Use a VPN
5. Set up a Custom DNS

1] Upgrade your device

Mathy Vanhoef says in his blog:

The biggest risk in practice is likely the ability to abuse the discovered flaws to attack devices in someone’s home network. For instance, many smart home and internet-of-things devices are rarely updated, and Wi-Fi security is the last line of defense that prevents someone from attacking these devices. Unfortunately, due to the discover vulnerabilities, this last line of defense can now be bypassed. In the demo above, this is illustrated by remotely controlling a smart power plug and by taking over an outdated Windows 7 machine.

So, if you are using an older version of your devices, you must upgrade them. For example, if you are still using Windows 7/8, it’s the right time to upgrade to Windows 10 to protect your device against FragAttacks and other new security attacks.

And, if you are using an old router that has no upgrades available for a long, you must consider changing your router and getting a new one. Simply replace your device if there are no firmware updates regularly.

Read: How to fix Public and Home Wi-Fi Network vulnerabilities.

2] Install Security Updates

Always make sure that you have installed security updates on your device. Security updates help you protect your devices against any new vulnerability and security attacks. So, keep on checking for security updates and install them as soon as they are available. Although, smartphones and other modern devices automatically download and install security updates. But, also check manually to ensure the same.

In the case of Windows 10, you can install security and other updates by going to the Settings > Update & Security > Windows Update option and check for updates available and then download and install them on your PC.

Read: Wi-Fi Security Tips: Precautions To Take At Public Hotspots.

3] Use Encryption

When browsing online, ensure that you are on a secure website with an HTTPS (Hypertext Transfer Protocol Secure) certificate. Not just that, use encryption all the time and everywhere. For example, use a secure application that offers end-to-end encryption to transfer data between devices. Remember FragAttacks occur when unencrypted data is sent over a secure network. So, encryption is a must.

4] Use a VPN

Consider using a VPN service as it can provide you protection against FragAttacks by routing your traffic through an encrypted connection.

5] Set up a Custom DNS

You can also configure a custom DNS manually in your router and other devices to obstruct any attack that redirects you to a malicious server.

FragAttacks are a new collection of vulnerabilities in WiFi standard that puts multiple devices at risk. An attacker within the range of your network can carry out these types of attacks where he attempts to steal your data. However, some basic security practices can help you protect your WiFi against FragAttacks.

You can further educate yourself on FragAttacks by going to fragattacks.com.

Related posts

• Sådan løser du WiFi-problemer i Windows 11/10

• Er WiFi sikkert for dit helbred og derhjemme?

• Sådan konfigurerer du WiFi Range Extender, Booster og Repeater

• Sådan måler du WiFi-signalstyrke i Windows 10

• Windows opretter ikke forbindelse til WiFi ved opstart

• Sådan kontrolleres Wi-Fi-netværksadapterindstillinger på Windows 11/10

• NetSurveyor: WiFi-scanner og netværksopdagelsesværktøj til pc

• Gør Windows-pc til WiFi-hotspot via internetforbindelsesdeling

• Gratis WiFi Password Revealer & Finder software til Windows PC

• Sådan deaktiverer du baggrunds-WiFi-scanning i Windows 10

• Øg WiFi-hastighed og signalstyrke og dækningsområde

• WiFi-adapter virker ikke på Windows 11/10-computer

• Brug gratis akryl WiFi-scanner til WiFi-netværksanalyse i realtid

• Overfladeenhed finder tilgængeligt trådløst netværk, men vil ikke oprette forbindelse

• Sådan finder du og opretter forbindelse til skjulte WiFi-netværk på Windows 11/10

• Sådan finder du WiFi-adgangskode i Windows 11/10

• WiFi-adgangskode fungerer ikke på et ikke-QWERTY-tastatur i Windows 10

• WiFi tilsluttet, men ingen internetadgang på Windows 10

• Bedste gratis WiFi-netværksscannerværktøjer til Windows 11/10

• Skift til det stærkeste WiFi-signal: Skift WiFi-roaming-aggressivitet