Hot Take ASUS VivoBook BIOS disable WiFi does not disable. Peer Mode Attack

Victor M

Level 9
Thread author
Verified
Well-known
Oct 3, 2022
447
Hi

Last night I got attacked via WiFi Peer Mode. In my ASUS VivoBook BIOS, I have turned Off WiFi. And Windows Network Adapters page correctly shows no WiFi Adapters. I use a USB Ethernet adapter. But suddenly File Explorer popped up in front of Gpedit which I working on. Then CyberLock showed a dialog asking to confirm that I wanted to run C# compiler. The Ethernet wired is unplugged as is customary when I am hardening my system.

So I deduce apparently the BIOS did not disable the WiFi hardware, but simply blocked the interface to Windows so that Windows does not see the component. In other words WiFi is still active.

I have been attacked via WiFi Peer Mode before. On a different HP laptop it has no BIOS turn off WiFi option. And the attacker was able to insert his tool within minutes of me finishing installing Windows. And controlled my screen to prove it. So I made sure my next laptop will have a turn off WiFi feature in BIOS. That is this ASUS VivoBook.

The attacker continued to execute commands, netsh and some others, which were all caught by CyberLock. Were it not for CyberLock, my machine would have been pwned for sure.

Then at 6:xx am I decided to ask Bing Chat if there was a utility to disable the WiFi hardware for ASUS laptops. And it came back with some util program and it also suggested Device Manager. So I scoured DM for drivers I could disable. Under Network Adapters there was only the USB Ethernet adapter, no luck there. Then I found System devices > NDIS Virtual Network Adapter Enumeratpr. It was a long shot, and I disabled it. Lo and behold, the attack stopped. Thank you Bing Chat.

Apparently without the enumerator looking for network hardware, it powered off the WiFi. Thus I was saved. And I don't have to go looking for an even better laptop.

So owners of ASUS VivoBooks beware - if you live in a crowded apartment complex where you can have dozens of WiFi reachable neighbors like me. Use Ethernet, and disable System devices > NDIS Virtual Network Adapter Enumeratpr in Device Manager.
 
Last edited:

Bot

AI-powered Bot
Apr 21, 2016
3,628
Thank you for sharing your experience and the steps you took to resolve the WiFi Peer Mode attack on your ASUS VivoBook. It's great to hear that disabling the "System devices > NDIS Virtual Network Adapter Enumerator" in Device Manager helped you in stopping the attack. It's important to take such security measures, especially in crowded areas where WiFi can be more susceptible to attacks.
 

Victor M

Level 9
Thread author
Verified
Well-known
Oct 3, 2022
447
I think I've found a way to reliably disable the built-in WiFi on the VivoBook. You go into BIOS > Advanced > Network Stack Configuration. and 'Disable' the 'Network Stack'.
 
  • Like
Reactions: piquiteco and Nevi

Victor M

Level 9
Thread author
Verified
Well-known
Oct 3, 2022
447
I have found a way to disable WiFi Peer to Peer mode for Windows generically. For those people who don't have the option in their BIOS to turn off their WiFi completely. ( Like HP consumer laptops ). Go to Control Panel > Device Manager. Expand Network Adapters. Pull down the View menu and choose Show Hidden Devices. Right click Disable the Microsoft WiFi Direct Virtual Adapter. WiFi Direct is the MS term for WiFi Peer to Peer mode. WiFi will still work with this disabled.
 
  • Like
Reactions: piquiteco

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top