KRACK attack “makes it trivial to intercept and manipulate traffic sent by … Linux and Android devices.”

Security researchers have now released details regarding the vulnerability in the Wi-Fi authentication protocol, and it appears the issue is mainly at the client rather than the access point level.

This is both good and bad news: it is easier to update your own software than a shared access point, but the issue will likely persist for a long time because of the billions of devices out there, many of which will likely never get updates.

The flaw, which affects both WPA and WPA2 and all operating systems, can let hackers steal chat messages, photos, emails, and other information that has been sent in plain text.

Some operating systems are more severely affected than others, however.

The Verge reports that Android devices running 6.0 and above contain a vulnerability that “makes it trivial to intercept and manipulate traffic sent by these Linux and Android devices” as these devices can be tricked into installing an all-zero encryption key.

41 percent of Android devices are vulnerable to an “exceptionally devastating” variant of the Wi-Fi attack that involves manipulating traffic. Attackers might be able to inject ransomware or malware into websites thanks to the attack, and Android devices will require security patches to protect against this.

The researchers warn that:

… although websites or apps may use HTTPS as an additional layer of protection, we warn that this extra protection can (still) be bypassed in a worrying number of situations. For example, HTTPS was previously bypassed in non-browser software, in Apple’s iOS and OS X, in Android apps, in Android apps again, in banking apps, and even in VPN apps.

The main remedy would now be software and firmware updates to devices and access points. Some vendors were notified of the issue in July, and a broad notification was distributed in late August.

Via The Verge