Business Today
Loading...

Wi-Fi chip flaw on your iPhone, Android can let your device get hacked: Apple users need not worry

A new vulnerability has been detected for Wi-Fi chips on a bunch of devices from Apple, Amazon and some Android devices. Apple and Amazon have patched the flaw already.

twitter-logoAmritanshu Mukherjee | February 29, 2020 | Updated 12:24 IST
Photo: Pixabay

Highlights

  • A new Wi-Fi chip flaw has affected security on some devices.
  • The affected devices include Apple iPhones, Amazon devices and some Android devices.
  • Apple and Amazon have already fixed the flaw on their devices.

Modern gadgets are so complicated that it is easy for a hacker to find a flaw and exploit the users. Something similar has happened for existing Apple, Amazon and a bunch of few Android devices. A research group called Eset has figured out a new vulnerability for a Wi-Fi chip in some of the devices from these companies that can let hackers get hold of your data even if it's encrypted. This poses some grave security threats to users of these devices.

According to Eset's research, vulnerability is called Kr00k. It is said that this flaw plagues the FullMAC WLAN chips (basically the Wi-Fi chips) that were manufactured by Cypress and Broadcomm. These companies are known to supply Wi-Fi chips to major device manufacturers across the world, including Apple, Amazon, Huawei and Asus.

In its explanation, Eset says, "ESET researchers discovered a previously unknown vulnerability in Wi-Fi chips and named it Kr00k. This serious flaw, assigned CVE-2019-15126, causes vulnerable devices to use an all-zero encryption key to encrypt part of the user's communication. In a successful attack, this allows an adversary to decrypt some wireless network packets transmitted by a vulnerable device."

The researchers also tested similar Wi-Fi chips from other chip manufacturers such as Qualcomm, MediaTek, RealTek and Ralink but they did not find any issues with these chips. Hence, the flaw is only limited to chips manufactured by Broadcom and Cypress.

The research paper lists the name of some of the devices that are affected by this flaw. These include:

Amazon Echo 2nd gen

Amazon Kindle 8th gen

Apple iPad Mini 2

Apple iPhone 6, 6S, 8, XR

Apple MacBook Air Retina 13-inch 2018

Asus RT-N12

Google Nexus 5

Google Nexus 6

Google Nexus 6S

Huawei B612S-25d

Huawei EchoLife HG8245H

Huawei E5577Cs-321

Raspberry Pi 3

Samsung Galaxy S4 GT-I9505

Samsung Galaxy S8

Xiaomi Redmi 3S

If you are worried about the security on these devices, then there's some comforting news from Apple and Amazon. Both these companies have already patched the flaw on their devices, which leaves the Android devices in this list left to be patched. Chances are that some of these devices may have been patched but there's no official confirmation from these manufacturers as of now.

Youtube
  • Print

  • COMMENT
Tags: Apple | android | Amazon
BT-Story-Page-B.gif
A    A   A
close