Scientists demonstrate first contagious airborne WiFi virus


February 25, 2014
Technology

Researchers at the University of Liverpool have shown for the first time that WiFi networks can be infected with a virus that can move through densely populated areas as efficiently as the common cold spreads between humans.

The team designed and simulated an attack by a virus, called “Chameleon”, and found that not only could it spread quickly between homes and businesses, but it was able to avoid detection and identify the points at which WiFi access is least protected by encryption and passwords.

Researchers from the University’s School of Computer Science and Electrical Engineering and Electronics, simulated an attack on Belfast and London in a laboratory setting, and found that “Chameleon” behaved like an airborne virus, travelling across the WiFi network via Access Points (APs) that connect households and businesses to WiFi networks.

Areas that are more densely populated have more APs in closer proximity to each other, which meant that the virus propagated more quickly, particularly across networks connectable within a 10-50 metre radius.

Alan Marshall, Professor of Network Security at the University, said: “When “Chameleon” attacked an AP it didn’t affect how it worked, but was able to collect and report the credentials of all other WiFi users who connected to it. The virus then sought out other WiFi APs that it could connect to and infect.”

“Chameleon” was able to avoid detection as current virus detection systems look for viruses that are present on the Internet or computers, but Chameleon is only ever present in the WiFi network. Whilst many APs are sufficiently encrypted and password protected, the virus simply moved on to find those which weren’t strongly protected including open access WiFi points common in locations such as coffee shops and airports.

Professor Marshall continued said: “WiFi connections are increasingly a target for computer hackers because of well-documented security vulnerabilities, which make it difficult to detect and defend against a virus.

“It was assumed, however, that it wasn’t possible to develop a virus that could attack WiFi networks but we demonstrated that this is possible and that it can spread quickly. We are now able to use the data generated from this study to develop a new technique to identify when an attack is likely.”

The research is published in EURASIP Journal on Information Security.



Scientists demonstrate first contagious airborne WiFi virus

, , , , , , ,

9 Responses to Scientists demonstrate first contagious airborne WiFi virus

  1. ron February 27, 2014 at 12:03 am #

    I invented a video tape virus over 20 years ago which was spread from VHS to VHS video players via tape rental shops. I spent about 3 hours live on UK local radio April first as the secret government scientist who could not be named talking to phone in listeners that said they had been infected by it. This probably works in the same way…

  2. Ron February 26, 2014 at 2:15 pm #

    “All routers need to be model AP345.”

    Public facilities tend to have all the same model of AP; it’s just easier to buy and configure N number of one model than N/6 of 6 different models.

    So while I don’t know why they chose the AP345, it’s reasonable to make a test of a homogeneous system.

  3. Joe February 26, 2014 at 2:01 pm #

    ONLY WORKS ON ONE TYPE OF ROUTER! All routers need to be model AP345. Oops, left that part out. Lab setting, yea right, let’s freak out the general DUMB public so we can get more funding. You people are so gullible.

  4. Ron February 26, 2014 at 2:38 am #

    Almost a year ago, this firm had PoC code for remotely attacking two SOHO routers by following an unsafe link. The current researchers have just figured out a way to do it w/o requiring human interaction.

    http://www.securityevaluators.com/knowledge/case_studies/routers/soho_router_hacks.php

  5. taikedz February 26, 2014 at 1:47 am #

    Ah right – got my answer on slashdot.

    “When it infects an AP, Chameleon scans the area for other potential Aps it could attack, bypasses encryption security on the victim AP, bypasses the administrative interface, stores the AP’s system sewttings, replaces the firmware with a virus-loaded version, reloads the original system settings, and goes back on the air to propagate itself to the next victim WiFi network.”

  6. taikedz February 26, 2014 at 1:34 am #

    It would be good to know what exactly the virus is doing… “infects the wireless network” doesn’t seem to me to be very descriptive, more pointing at the transmission medium rather than the target host… is it exploiting a vulnerability common to all routers? which one?

    Having something transmitted over a connection is one thing, having it active on a machine is a different matter…

    What’s the vector? Last I checked, you can’t infect a transmission protocol. I’m ready to be proven wrong though…

  7. Allen February 25, 2014 at 10:51 pm #

    at Sean

    After reading the actual article, the virus does exactly that.

    Seed an access point, that violated AP reads, scans, transmits, infects other APs within range, while users are dormant. Regular use connections to the AP cause it to go sleeper, and proceed with its original routing function.

  8. Sean February 25, 2014 at 8:53 pm #

    I think this article needs rewriting.

    On one hand it states that “The team designed and simulated an attack by a virus”.
    Then it states that “we demonstrated that this is possible”.

    The only way to demonstrate this would be to develop a computer virus that can infect an arbitrary access point, embed itself without disrupting its normal behaviour, and at the same time comandeer its radio to change from Access Point to Client mode and connect to another unifected AP.

    There’s nothing in the summary that indicates they have managed this.

  9. Ron February 25, 2014 at 8:14 pm #

    “It was assumed, however, that it wasn’t possible to develop a virus that could attack WiFi networks”

    Given the long history of vulnerabilities in wifi routers and APs, whoever made such silly assumptions should be fired from whatever position of responsibility he/she now — or *ever* — holds.

Leave a Reply

* Copy This Password *

* Type Or Paste Password Here *