Level Up Your Life

Subscribe

Check Your Asus And Huawei Routers To Fix This Wi-Fi Vulnerability

lifehackerinternational Avatar
lifehackerinternational

Yet another major firmware bug has been found that leaves billions of phones, routers, and other wireless devices from Apple, Google, Amazon open to spying.

The bug, known as “Kr00k,” was discovered by the ESETt data security firm and disclosed in a recent paper. Kr00k affects the way certain Wi-Fi chips encrypt data; when an affected Wi-Fi device is disconnected, in-progress communications are left improperly encrypted with a key of only 0s, which can be easily decrypted. Hackers can destabilise a Wi-Fi signal to trigger the bug, then intercept and read bits of the vulnerable data. (Ars Technica’s report on the Kr00k bug has further technical details for those interested.)

While it would be hard for the information collected this way to be successfully leveraged by hackers, it’s still a big a security threat and users should take the necessary steps to ensure their devices are safe by installing the latest updates. While most of your devices can (or have been) fixed with a software patch, you’ll want to make sure you’re using the latest firmware for your Wi-Fi routers, at least”as they don’t often automatically update themselves

Here’s a list of products confirmed to have the Kr00k bug:

Phones and tablets

  • Amazon Kindle 8th gen

  • Google Nexus 5, 6, and 6S

  • iPad mini 2

  • iPhone 6, 6S, 8, XR

  • Samsung Galaxy S8, and S4 GT-I9505

  • Xiaomi Redmi 3S

Routers

  • Asus RT-N12

  • Huawei B612S-25d

  • Huawei EchoLife HG8245H

  • Huawei E5577Cs-321

Other devices

  • Amazon Echo 2nd gen smart speaker

  • Apple MacBook Air Retina 13-inch (2018)

  • Raspberry Pi 3

It’s possible other devices carry the bug, too, so you should make sure your Wi-Fi-loving devices are using the latest firmware or software updates from their manufacturers. And if there aren’t any recent ones available, make a note to check back in a month or so (just in case).

It’s also recommended that users turn on DNS over HTTPS (DoH) on their device’s web browser(s), if available, to keep any attackers from seeing what websites you visit. You can check Wi-Fi security guides for more information.

The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.

Comments