Researchers at the University of Liverpool have shown for the first time that WiFi networks can be infected with a virus that can move through densely populated areas as efficiently as the common cold spreads between humans.
The team designed and simulated an attack by a virus, called “Chameleon”, and found that not only could it spread quickly between homes and businesses, but it was able to avoid detection and identify the points at which WiFi access is least protected by encryption and passwords.
Researchers from the University’s School of Computer Science and Electrical Engineering and Electronics, simulated an attack on Belfast and London in a laboratory setting, and found that “Chameleon” behaved like an airborne virus, travelling across the WiFi network via Access Points (APs) that connect households and businesses to WiFi networks.
Areas that are more densely populated have more APs in closer proximity to each other, which meant that the virus propagated more quickly, particularly across networks connectable within a 10-50 metre radius.
Alan Marshall, Professor of Network Security at the University, said: “When “Chameleon” attacked an AP it didn’t affect how it worked, but was able to collect and report the credentials of all other WiFi users who connected to it. The virus then sought out other WiFi APs that it could connect to and infect.”
“Chameleon” was able to avoid detection as current virus detection systems look for viruses that are present on the Internet or computers, but Chameleon is only ever present in the WiFi network. Whilst many APs are sufficiently encrypted and password protected, the virus simply moved on to find those which weren’t strongly protected including open access WiFi points common in locations such as coffee shops and airports.
Professor Marshall continued said: “WiFi connections are increasingly a target for computer hackers because of well-documented security vulnerabilities, which make it difficult to detect and defend against a virus.
“It was assumed, however, that it wasn’t possible to develop a virus that could attack WiFi networks but we demonstrated that this is possible and that it can spread quickly. We are now able to use the data generated from this study to develop a new technique to identify when an attack is likely.”
The research is published in EURASIP Journal on Information Security.
You have remarked very interesting points! ps nice internet site.
http://www.z1pCQoW6Yr.com/z1pCQoW6Yr
I view something truly special in this web site.
http://www.Y9Ace67Xeh.com/Y9Ace67Xeh
I do trust all the ideas you’ve introduced for your post. They are very convincing and will certainly work. Still, the posts are very quick for beginners. Could you please extend them a little from subsequent time? Thanks for the post.
What i don’t realize is in fact how you are not really a lot more neatly-favored than you might be right now. You are very intelligent. You realize thus significantly on the subject of this topic, produced me individually believe it from so many varied angles. Its like men and women don’t seem to be fascinated except it¡¦s one thing to accomplish with Girl gaga! Your own stuffs nice. At all times handle it up!
Excellent, what a website it is! This website provides valuable facts to us, keep it up.|
What i don’t understood is in truth how you are not actually much more smartly-preferred than you may be right now. You are very intelligent. You already know therefore considerably in relation to this topic, made me in my opinion believe it from so many numerous angles. Its like women and men don’t seem to be fascinated except it is one thing to accomplish with Girl gaga! Your personal stuffs excellent. At all times maintain it up!
I do trust all the concepts you’ve presented in your post. They are really convincing and can definitely work. Nonetheless, the posts are too short for beginners. Could you please prolong them a little from subsequent time? Thanks for the post.
you are in point of fact a just right webmaster. The web site loading velocity is incredible. It seems that you’re doing any distinctive trick. In addition, The contents are masterwork. you have done a great job in this topic!
I invented a video tape virus over 20 years ago which was spread from VHS to VHS video players via tape rental shops. I spent about 3 hours live on UK local radio April first as the secret government scientist who could not be named talking to phone in listeners that said they had been infected by it. This probably works in the same way…
ONLY WORKS ON ONE TYPE OF ROUTER! All routers need to be model AP345. Oops, left that part out. Lab setting, yea right, let’s freak out the general DUMB public so we can get more funding. You people are so gullible.
“All routers need to be model AP345.”
Public facilities tend to have all the same model of AP; it’s just easier to buy and configure N number of one model than N/6 of 6 different models.
So while I don’t know why they chose the AP345, it’s reasonable to make a test of a homogeneous system.
Almost a year ago, this firm had PoC code for remotely attacking two SOHO routers by following an unsafe link. The current researchers have just figured out a way to do it w/o requiring human interaction.
http://www.securityevaluators.com/knowledge/case_studies/routers/soho_router_hacks.php
Ah right – got my answer on slashdot.
“When it infects an AP, Chameleon scans the area for other potential Aps it could attack, bypasses encryption security on the victim AP, bypasses the administrative interface, stores the AP’s system sewttings, replaces the firmware with a virus-loaded version, reloads the original system settings, and goes back on the air to propagate itself to the next victim WiFi network.”
It would be good to know what exactly the virus is doing… “infects the wireless network” doesn’t seem to me to be very descriptive, more pointing at the transmission medium rather than the target host… is it exploiting a vulnerability common to all routers? which one?
Having something transmitted over a connection is one thing, having it active on a machine is a different matter…
What’s the vector? Last I checked, you can’t infect a transmission protocol. I’m ready to be proven wrong though…
at Sean
After reading the actual article, the virus does exactly that.
Seed an access point, that violated AP reads, scans, transmits, infects other APs within range, while users are dormant. Regular use connections to the AP cause it to go sleeper, and proceed with its original routing function.
I think this article needs rewriting.
On one hand it states that “The team designed and simulated an attack by a virus”.
Then it states that “we demonstrated that this is possible”.
The only way to demonstrate this would be to develop a computer virus that can infect an arbitrary access point, embed itself without disrupting its normal behaviour, and at the same time comandeer its radio to change from Access Point to Client mode and connect to another unifected AP.
There’s nothing in the summary that indicates they have managed this.
“It was assumed, however, that it wasn’t possible to develop a virus that could attack WiFi networks”
Given the long history of vulnerabilities in wifi routers and APs, whoever made such silly assumptions should be fired from whatever position of responsibility he/she now — or *ever* — holds.