New Wi-Fi ‘SSID Confusion’ Attack Lets Attackers Connect To Malicious Network
A design flaw in the IEEE 802.11 standard allows SSID spoofing in WPA2 and WPA3 networks.
While authentication protocols prevent unauthorized access points, they don’t guarantee that the SSID displayed on the client device matches the actual network’s SSID.
The vulnerability allows attackers to create a rogue access point with a spoofed SSID, tricking clients into connecting while believing they’re on a legitimate network.
Researchers demonstrated the attack’s effectiveness on various devices and proposed solutions, including improved standard protocols and backward-compatible defensive measures.
A vulnerability in the 802.11 Wi-Fi standard allows attackers to spoof the SSID (network name) broadcast by access points, which tricks client devices into connecting to a malicious network (WrongNet) while believing they’re connected to a trusted one (TrustedNet).
Though credentials are encrypted and authenticated during connection, the SSID itself is not validated, which is especially dangerous when trusted networks reuse credentials across different frequency bands (e.g., 2.4 GHz and 5 GHz).
By spoofing the trusted SSID on the less secure 2.4 GHz band, attackers can potentially downgrade the connection and intercept traffic, especially if the victim’s VPN is automatically disabled upon connecting to a trusted network based solely on SSID recognition.
Wi-Fi access points often broadcast two networks, one on 2.4 GHz and another on 5 GHz, to accommodate devices with different Wi-Fi capabilities.
The 2.4 GHz band may lack advanced security features and be more vulnerable to attacks due to potentially older access points, raising security concerns, especially when users rely on the trusted network detection features of VPN services to automatically disable VPN connections.
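As an added example (not from the original article or the researchers), the following Python audit checks a network inventory for the two conditions described above: one credential accepted under more than one SSID, and a VPN that trusts one of those SSIDs by name alone. The inventory format, the `auth_ref` field, and every sample value are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample inventory (hypothetical). "auth_ref" names the credential
# or RADIUS backend that a network authenticates clients against.
NETWORKS = [
    {"ssid": "TrustedNet", "band": "5GHz", "auth_ref": "radius-corp"},
    {"ssid": "WrongNet", "band": "2.4GHz", "auth_ref": "radius-corp"},
    {"ssid": "GuestNet", "band": "2.4GHz", "auth_ref": "psk-guest"},
    {"ssid": "LabNet", "band": "2.4GHz", "auth_ref": "radius-lab"},
    {"ssid": "LabNet", "band": "5GHz", "auth_ref": "radius-lab"},
]
# SSIDs on which the VPN client switches itself off (trusted network detection).
VPN_TRUSTED_SSIDS = {"TrustedNet", "LabNet"}


def confusable_groups(networks):
    """Map each auth_ref accepted under more than one SSID to {ssid: bands}."""
    by_auth = defaultdict(lambda: defaultdict(set))
    for net in networks:
        by_auth[net["auth_ref"]][net["ssid"]].add(net["band"])
    # The same SSID on two bands is one network name, so it is not flagged.
    return {ref: {s: sorted(b) for s, b in ssids.items()}
            for ref, ssids in by_auth.items() if len(ssids) > 1}


def audit(networks, vpn_trusted):
    """Return findings as (kind, subject, detail) tuples in a stable order."""
    findings = []
    for ref, ssids in sorted(confusable_groups(networks).items()):
        findings.append(("shared-credential", ref, sorted(ssids)))
        for trusted in sorted(vpn_trusted & set(ssids)):
            # A client asked to join `trusted` could complete authentication
            # against any of these networks while the VPN stays disabled.
            lookalikes = [f"{s} ({'/'.join(ssids[s])})"
                          for s in sorted(ssids) if s != trusted]
            findings.append(("vpn-trust-by-ssid", trusted, lookalikes))
    return findings


if __name__ == "__main__":
    for finding in audit(NETWORKS, VPN_TRUSTED_SSIDS):
        print(finding)
```

Findings of kind `shared-credential` point to networks that should be given distinct credentials; `vpn-trust-by-ssid` findings point to VPN policies that should not rely on the SSID alone.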
The research by Top10vpn identified a Wi-Fi attack exploiting identical enterprise authentication settings across different networks.
By scraping eduroam profiles, researchers found universities that shared RADIUS servers with eduroam, allowing them to impersonate those universities’ Wi-Fi and potentially intercept user traffic.
The attack extends to public hotspots that share authentication with enterprise networks, enabling attackers to create fake hotspots that capture user data. The research also identified vulnerable institutions based on eduroam profile scraping, including universities and companies sharing authentication with public hotspots.
A design flaw (CVE-2023-52424) in the 802.11 Wi-Fi standard allows attackers to trick clients into connecting to malicious networks despite WPA3 protections by exploiting the fact that the network name (SSID) isn’t always authenticated during the connection process.
Beacon frames, which transmit SSID information, can be spoofed to lure a client onto a rogue network.
To mitigate this, clients can verify beacon authenticity and the SSID before data exchange, or the standard can be updated to mandate SSID authentication during connection.
Source credit : cybersecuritynews.com