Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

First contagious WiFi computer virus goes airborne...
The Daily Caller ^ | 2-25-2014 | Giuseppe Macri

Posted on 02/25/2014 4:20:00 PM PST by overdog2

Computer science researchers have demonstrated for the first time how a digital virus can go airborne and spread via WiFi networks in populated areas at the same pace as a human diseases.

The “Chameleon” virus, designed by a University of Liverpool team, showed a remarkable amount of intelligence by avoiding detection and breaking into personal and business WiFi networks at their weakest points — spreading at an alarming rate.

Network Security Professor Alan Marshall said the virus doesn’t try to damage or disrupt established networks — instead, the virus slips in unnoticed to collect the data and log-in information of all users connected to the network via WiFi, and seeks other WiFi networks through them — a much more subtle, sinister and dangerous objective.

“WiFi connections are increasingly a target for computer hackers because of well-documented security vulnerabilities, which make it difficult to detect and defend against a virus,” Marshall said in a ScienceBlog report. “It was assumed, however, that it wasn’t possible to develop a virus that could attack WiFi networks — but we demonstrated that this is possible and that it can spread quickly.”

The secret to Chameleon is the method by which it avoids detection. Traditional computer antivirus programs look for viruses present on computers and the Internet itself. Chameleon sticks strictly to WiFi networks, bypassing secured, more heavily encrypted networks to enter and spread through weaker ones — especially free public access points like those found in cafes, on trains and in airports.

A lab experiment by the University’s School of Computer Science and Electrical Engineering and Electronics simulated what researchers likened to an airborne contagion attack against Belfast and London, entering WiFi access points that connect public and private networks to the Internet.

The virus traveled fastest across access points within a 160 feet or less of each other, following similar rates of human infection by viruses among more densely populated areas.

“We are now able to use the data generated from this study to develop a new technique to identify when an attack is likely,” Marshall said.

Read more: http://dailycaller.com/2014/02/25/first-contagious-wifi-computer-virus-goes-airborne-spreads-like-the-common-cold/#ixzz2uNlgLr2c


TOPICS: Computers/Internet
KEYWORDS: airbornewifivirus; computervirus; wifi
Tripwire Study: 80 Percent of Best-Selling Small Office/Home Office (SOHO) Wireless Routers Have Security Vulnerabilities

http://www.hispanicbusiness.com/2014/2/24/tripwire_study_80_percent_of_best-selling.htm

_____

30 percent of IT professionals and 46 percent of employees do not change the default administrator password on their wireless routers. With access to the configuration interface, attackers can easily compromise the device.

55 percent of IT professionals and 85 percent of employees do not change the default Internet Protocol (IP) address on their wireless routers, making Cross-Site Request Forgery (CSRF) attacks much easier for cyberattackers.

43 percent of IT professionals and 54 percent of employees use Wi-Fi Protected Setup (WPS) – an insecure standard that makes it simple for attackers to discover a router’s encryption passphrase, regardless of its complexity or strength.

52 percent of IT professionals and 59 percent of employees have not updated the firmware on their routers to the latest version, so even when security updates from router vendors are available, most users do not receive the additional protection

1 posted on 02/25/2014 4:20:00 PM PST by overdog2
[ Post Reply | Private Reply | View Replies]

To: overdog2

So, how well do MAC address restricted WiFi routers do on security?


2 posted on 02/25/2014 4:28:35 PM PST by Paladin2
[ Post Reply | Private Reply | To 1 | View Replies]

To: overdog2
Worse, many SmartPhone Carriers will soon disable YOUR ability to disable WiFi on your smartphone.

They'll do this to off load traffic from their cell networks onto free WiFi.

Saves them a buncho bucks.

3 posted on 02/25/2014 4:30:29 PM PST by Mariner
[ Post Reply | Private Reply | To 1 | View Replies]

To: overdog2; ShadowAce

Liverpool? Can we call it the Beatles Virus?


4 posted on 02/25/2014 4:30:57 PM PST by GeronL (Vote for Conservatives not for Republicans!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Mariner

Today many phones auto switch off the wifi and put you back on the pay network without you suspecting. $$


5 posted on 02/25/2014 4:32:06 PM PST by GeronL (Vote for Conservatives not for Republicans!)
[ Post Reply | Private Reply | To 3 | View Replies]

To: overdog2

Am saying this in jest everyone ... Once more am saying this in jest ... Should a mutation occur and the computer virus manifests itself into being transmitted between humans, look for human brains to short circuit. Since the virus looks for the weak points of entry, the low information voters are at most risk of brain short circuits and infestations.


6 posted on 02/25/2014 4:38:12 PM PST by no-to-illegals (Scrutinize our government and Secure the Blessing of Freedom and Justice)
[ Post Reply | Private Reply | To 1 | View Replies]


We are within striking distance for yellow!

Keep Free Republic Alive with YOUR Donations!
Make a difference.
PLEASE Contribute Today!

Woo hoo!! And now over less than $450 to the yellow!!

7 posted on 02/25/2014 5:09:58 PM PST by RedMDer (May we always be happy and may our enemies always know it. - Sarah Palin, 10-18-2010)
[ Post Reply | Private Reply | View Replies]

To: Paladin2

MAC addresses can very easily be spoofed. It is not a preferred method to proper hardening, but then when it comes to wireless, nothing is.

Your best level of security is to not have wireless at all. If that’s not an option, using RADIUS for authentication and preferably using 2FA (2-factor authentication) where the machine has to have a certificate AND a password is required is the best security for a wireless network. Since that’s incredibly complex for a home user, just changing the router password, changing the IP address (preferably to a class A or B), turning off WPS (it’s a shortcut, of course it’s susceptible), and using WPA2 with AES encryption is your best bet.

Again, nothing is foolproof, but this will stop over 95% of attack attempts. If someone really wants to get into a home user’s network, even my own, they could do it. It’s a level-of-effort thing.


8 posted on 02/25/2014 5:12:04 PM PST by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: overdog2

If the congress had any sense, they would make IT Security one of their top priorities.


9 posted on 02/25/2014 5:23:30 PM PST by Bryan24 (When in doubt, move to the right..........)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rdb3; Calvinist_Dark_Lord; Salo; JosephW; Only1choice____Freedom; amigatec; Still Thinking; ...

10 posted on 02/25/2014 5:29:49 PM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: no-to-illegals
Hah! Laugh if you will, but the Weekly World News has covered this one from the beginning.

It was instantly covered up by Them, of course...

11 posted on 02/25/2014 5:33:34 PM PST by Billthedrill
[ Post Reply | Private Reply | To 6 | View Replies]

To: Billthedrill

Can’t be true Bill. That lady is too pretty to be a liberal.


12 posted on 02/25/2014 5:41:05 PM PST by no-to-illegals (Scrutinize our government and Secure the Blessing of Freedom and Justice)
[ Post Reply | Private Reply | To 11 | View Replies]

To: rarestia

> MAC addresses can very easily be spoofed. It is not a preferred method to proper hardening, but then when it comes to wireless, nothing is.

I don’t ordinarily use wifi. I just have a pc, and a Nook Simple Touch (ebook reader) rooted to do some tablet things (which I ordinarily keep with the wifi turned off, and don’t use to purchase books on the net). My router allows wifi access only to those two MAC addresses. How would anyone else get in? Wouldn’t they have to produce a large number of MAC addresses until one matched one of the two my router allows, and then have to do the same thing to match the password — all while still within range of my router? I doubt that any of the few neighbors within range of my router is doing that.

I don’t use my pseudo-tablet at public sites, but I’m curious to know if that can that be done there with hacking software in just a matter of minutes? It seems to me that router protection software ought to spot systematic attempts to produce a wide range of MAC addresses or wide range of passwords within a short time, and be able to stop access temporarily and give a warning.

[I have almost no knowledge in this area, though, and am just speculating.]


13 posted on 02/25/2014 7:19:16 PM PST by GJones2 (Wifi hacking)
[ Post Reply | Private Reply | To 8 | View Replies]

To: GJones2
Well informed opinion at SlashDot, this is BS.
14 posted on 02/25/2014 8:12:30 PM PST by Dalberg-Acton
[ Post Reply | Private Reply | To 13 | View Replies]

To: Dalberg-Acton

Thanks. I’ll have a look.


15 posted on 02/25/2014 10:04:00 PM PST by GJones2 (Wifi hacking)
[ Post Reply | Private Reply | To 14 | View Replies]

To: GJones2

When your tablet or any other wireless device first connects to your router, there’s a good deal of handshaking that occurs before access is granted. Any competent network hacker could sniff a few of the packets that transmit between your device and your router and extract the MAC address from the headers. If that’s the the ONLY protection you have, they can now spoof your MAC address and gain access to your device. MAC address spoofing is really not difficult, and there are publicly-available tools to do it on the Internet.

What you’re describing is what my network engineer buddy calls “MAC splat” where a device just spams an AP with MAC traffic if that’s the only thing keeping the device off the network. MOST APs, even consumer-grade, have DDOS protections that would log these attempts and block the originator for minutes or hours, depending on the setting.

If you have other safeguards in place such as WPA2 AES encryption, hidden SSID, and you’ve turned off things such as WPS, then you’re as safe as you will ever be without configuring additional authentication infrastructure. Just remember that all of the negotiation process happens in clear text, so if you’re connecting to a wireless device for the first time, know that information such as your MAC address is being distributed in the handshaking packets, and there’s really little you can do about it.


16 posted on 02/26/2014 3:44:09 AM PST by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: rarestia

Thanks for the further information.

> ...could sniff a few of the packets that transmit between your device and your router and extract the MAC address from the headers.

I didn’t think about that address too being transmitted through the air. Obviously it would have to be.

> If you have other safeguards in place such as WPA2 AES encryption, hidden SSID, and you’ve turned off things such as WPS...

I do have that encryption, and had turned off WPS after reading about problems with that previously. I notice that I have SSID Broadcast enabled, but I’ll disable it. Thanks.


17 posted on 02/26/2014 4:53:52 AM PST by GJones2 (Wifi hacking)
[ Post Reply | Private Reply | To 16 | View Replies]

To: GJones2

SSID broadcast is one of the simplest “safeguards” to implement. It keeps ne’er-do-wells from trying to even connect; however, bear in mind that even though the SSID is hidden, most operating systems will recognize that the AP exists but no other data will be shown. The SSID, too, is transmitted when making a wireless connection, so if someone really wanted to figure out your SSID, they could.

Also consider doing a “wireless survey” in your home. Take your favorite wireless device and walk around outside your home to see how far your wireless signal goes. I recommend to most people that if your wireless signal can be seen/accessed from the streets around your home, then someone could sit in a car/van and try to access it undetected. There are ways to “turn down” your wireless power but only if you install a firmware replacement such as DD-WRT.

Just food for thought. Feel free to FReep mail me if you have other questions.


18 posted on 02/26/2014 5:11:25 AM PST by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: rarestia

Lots of good information. Thanks.


19 posted on 02/26/2014 5:29:38 AM PST by GJones2 (Wifi hacking)
[ Post Reply | Private Reply | To 18 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson