Wireless spreading of WiFi APs infections using WPS flaws: An epidemiological and experimental study

Abstract: WiFi Access Points (APs) are ideal targets of attack. They have access to home internal networks which allows an adversary to easily carry out man-in-the-middle attacks and spread infections wirelessly. They can also be used to launch massive denial of service attacks that target the physical infrastructure as well as the RF spectrum (both WiFi and cellular). While Wired Equivalent Privacy (WEP) vulnerabilities are common knowledge, the flaws of the WiFi Protected Setup (WPS) protocol are less known. In this p… Show more

“…Attackers can directly gain control of Wi-Fi routers by exploiting misconfigurations of the device (Viehböck 2011) or flaws in wireless protocol (Sanatinia, Narain, and Noubir 2013). Alternatively, an attacker can setup a public trap Wi-Fi router and expect people to connect it for free internet (Li et al 2016).…”

“…Alternatively, an attacker can setup a public trap Wi-Fi router and expect people to connect it for free internet (Li et al 2016). Once a user is connected to a compromised or trap Wi-Fi router, the attacker can conduct several types of attacks such as man-in-the-middle attack, redirection to a malicious website to infect the user, or conduct denial-of-service attack using the infected Wi-Fi router (Tsow et al 2016;Sanatinia, Narain, and Noubir 2013). In other words, security of Wi-Fi routers has implications beyond the device itself.…”

The Spread of Wi-Fi Router Malware Revisited

“…Attackers can directly gain control of Wi-Fi routers by exploiting misconfigurations of the device (Viehböck 2011) or flaws in wireless protocol (Sanatinia, Narain, and Noubir 2013). Alternatively, an attacker can setup a public trap Wi-Fi router and expect people to connect it for free internet (Li et al 2016).…”

“…Alternatively, an attacker can setup a public trap Wi-Fi router and expect people to connect it for free internet (Li et al 2016). Once a user is connected to a compromised or trap Wi-Fi router, the attacker can conduct several types of attacks such as man-in-the-middle attack, redirection to a malicious website to infect the user, or conduct denial-of-service attack using the infected Wi-Fi router (Tsow et al 2016;Sanatinia, Narain, and Noubir 2013). In other words, security of Wi-Fi routers has implications beyond the device itself.…”

The Spread of Wi-Fi Router Malware Revisited

“…It can happen through traditional attack vectors such as phishing, spam, remote exploits, drive-bydownload or zero-day vulnerabilities [58]. A great body of literature have focused on different spread mechanisms [59,60,61]. In this work we focus on the remaining stages of a bot's life cycle.…”

“…Moreover, infrastructures such as WiFi networks and access points (AP) and Internet of Things (IoT) devices can be abused for spread of an undetectable airborne malware [61], form a botnet for distrusted denial of service attack [139], or injection of malicious code to mine cryptocurrencies [140].…”

Abusing privacy infrastructures : case study of Tor

“…El presente trabajo de investigación, tuvo la finalidad de identificar la vulnerabilidad de las redes inalámbricas simulando una infección, para esto partimos de un estudio de simulación de propagación de malware (Sabater, Martín, Rey, & Rodríguez Sánchez, 2014), y un estudio experimental en la difusión de infecciones inalámbricas utilizando fallas WPS (Sanatinia, Narain, & Noubir, 2013), se conoce que el algortimo WPA2 es capaz de ser vulnerado mediante un ataque de reinstalación de llaves KRACK (Vanhoef & Piessens, 2017), pero este ataque no está destinado a capturar la clave sino a hacer un espionaje de todo aquello que se transmita en la conexión a la que se ataca, por tal motivo no lo consideramos como vulnerabilidad para nuestro estudio.…”

Análisis de Seguridad de Redes Inalámbricas a través del modelado Matemático Susceptible-Infectado-Recuperado (SIR)