Most people connect to the internet via wi-fi, but from a security standpoint it is a shaky foundation.
There is nothing inherently private about the signal when connecting to a wi-fi network. The signals go out in all directions when you use wi-fi. It is almost impossible to tell if a person is listening to a broadcast or not. It's difficult to be sure who you're connecting to because anyone can offer free wi-fi. This is the reason why hardened systems pull out a computer's wi-fi card. The attack surface of a device shrinks greatly without wireless capability.
It is difficult to exploit those weaknesses but it is not impossible.
The internet coconut is a very powerful router. The Coconut has more than one antenna for each channel in the 2.4 GHz spectrum. That makes it possible for the coconut to listen and log every channel at the same time. One of the Coconuts most basic functions is to create these recordings along with some basic packet analysis, which is the equivalent of recording every station on the radio at the same time.
It doesn't tell you a lot. Without the keys, you won't be able to see what people are doing on the internet. One of the main building blocks of the internet is a key exchange system that protects you from eavesdroppers. Even though you can't pull passwords out of the air in plain text, there is still a lot to be done.
Attackers disguise themselves as a trusted wi-fi network in a KARMA attack. If you have ever been told to avoid open wi-fi networks in public places, it is because of this attack.
The attack takes advantage of the way computers connect to the internet. When you set your computer to connect automatically, it will start looking for that network and send requests to find it. It is as if your device is constantly shouting, "Is Starbucks wi-fi here?" The signals are not public.
The attacker in the KARMA attack uses a device called the WiFi Coconut to pick up on the signals and give a reply. You can invite your device to join the network by sending it a message that identifies itself as Starbucks wi-fi. It is possible that it will happen without you even knowing. Suddenly, you are connecting to the internet through someone else's computer, exposing you to all sorts of malicious software.
Many of the attacks we cover here are exotic or limited to espionage agencies, but this one has a clear payoff that is more common than you think. It is easy for criminals to try this out in an airport lobby or a fancy hotel in order to get a lead on a ransomware scheme. Any hackable routers will suffice, they wouldn't even need a wi fi coconut.
It is possible to protect yourself against a KARMA attack by telling your devices not to join public wi-fi networks. If you look around at your settings and preferences, you should be able to find it. Mobile devices are vulnerable to the same attack.
Your device won't be sending out those KARMA-vulnerable signals if it isn't looking for any public networks. You can ask them before joining a new network. It is not perfect, but it will help keep you safe.
All Rights Reserved © 2024
