Recently, A virus has been developed that travel wirelessly and can infect WiFi networks which has open access like one available on airports or coffee shops. A serious security risk, as there are more numbers of access points in close proximity, so infection rates are high in very less time.
“Chameleon behaved like an airborne virus, travelling across the Wi-Fi network via access points (APs) that connect households and businesses to Wi-Fi networks,” explained Alan Marshall, professor of network security at the University’s School of Computer Science and Electrical Engineering and Electronics.
A team of researchers at the University of Liverpool, UK, demonstrated how a virus known as Chameleon was able to spread undetected over Wi-Fi by exploiting vulnerabilities in access points.
It propagates in the following sequence:
1. It Establish a list of susceptible APs within the range
2. Bypass any encryption Security on the targeted AP
3. Bypass the administrative interface on the targeted AP
4. Identify and Store AP System Settings
5. Replace the AP firmware on with the virus-loaded firmware.
6. Import the victim original AP System Settings on newly loaded firmware
7. Let's Propagate! Back to Step one to next Target
The experimental simulated demonstration was performed in two cities i.e. Belfast, NI and London, England.
"When Chameleon attacked an AP it didn’t affect how it worked, but was able to collect and report the credentials of all other Wi-Fi users who connected to it," says Alan Marshall. "The virus then sought out other Wi-Fi APs that it could connect to and infect".
Its far more complex to detect and control the spread of Chameleon virus. As Antivirus are only effective aganist virus that can be detected on hard drives, in memory, or in network traffic, but in the case of Chameleon it is the Wi-Fi network itself that is infected. It is also not detected by Wireless Intrusion Detection System (IDS).
"Hence, this attack is considered advanced and difficult to detect, as IDS rogue AP detection methods typically rely on a change in credentials, location or traffic levels."
“WiFi connections are increasingly a target for computer hackers because of well-documented security vulnerabilities, which make it difficult to detect and defend against a virus,” says Marshall.
Well, Chameleon virus is developed for demo purpose in the research lab only, though it is very likely that a malicious version could be created and released into the wild by cyber criminals and malware writers.
0 comments:
Post a Comment