silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,159
Millions of Amazon Echo 1st generation and Amazon Kindle 8th generation are susceptible to an old WiFi vulnerability called KRACK that allows an attacker to perform a man in the middle attack against a WPA2 protected network.
KRACK, or Key Reinstallation Attack, is a vulnerability in the 4-way handshake of the WPA2 protocol that was disclosed in October 2017 by security researchers Mathy Vanhoef and Frank Piessens.
Using this attack, bad actors can decrypt packets sent by clients in order to steal sensitive information that is sent over plain text. While the WPA2 wireless connection of this network has been compromised by this attack, it is important to note that any encrypted traffic sent over the wireless network will still be protected from snooping.
In order to fix these vulnerabilities, hardware manufacturers needed to release new firmware for the affected devices.
In a report by the ESET Smart Home Research Team, the researchers have discovered that Amazon Echo 1st generation and Amazon Kindle 8th generation devices were still affected by the KRACK vulnerability.
Millions of Amazon Echo and Kindle Devices Affected by WiFi Bug
Millions of Amazon Echo 1st generation and Amazon Kindle 8th generation are susceptible to an old WiFi vulnerability called KRACK that allows an attacker to perform a man in the middle attack against a WPA2 protected network.
www.bleepingcomputer.com