Researchers have discovered a breach in the WPA2 WiFi encryption protocol. This breach could allow hackers to intercept your data, such as password, credit card or other sensitive information. All devices are impacted but mostly Linux and Android 7 or greater. This breach is called “KRACK” for Key Reinstallation Attack.
“If your device supports Wi-Fi, it is most likely affected,” said Vanhoef, on his website.
This new breach can be easily used by hackers, they just need a vulnerable WPA2 network. Then they make a carbon copy of it and impersonate the Mac address and change the WiFi channel. With this new fake network, the hacker can stand as a “man in the middle”. They will see all the data and collect them.
Usually, the WPA2 encryption protocol uses a different key for each block of plain text. However, this attack can force the WPA2 to reuse the same key multiple times. This issue is even worse on Android and Linux because they use by the standard the same encryption.
How to protect yourself?
On Windows, Mac & Linux:
You can use a VPN to protect your data. If you use Google Chrome and you want to encrypt your browser data we recommend you to use Tunnello Google Chrome extension
Use a VPN or turn off your WiFi connection. Google will release soon a patch to fix this issue.