
Israeli Researcher Cracked Over 3,500 Wi-Fi Networks in Tel Aviv City

Over 70% of Wi-Fi networks from a sample size of 5,000 were
hacked with “relative ease” in the Israeli city of Tel Aviv,
highlighting how insecure Wi-Fi passwords can become a gateway for
serious threats to individuals, small businesses, and enterprises
alike.

CyberArk security researcher Ido Hoorvitch, who used Wi-Fi
sniffing equipment costing about $50 to collect 5,000 network
hashes for the study, said[1]
“the process of sniffing Wi-Fis and the subsequent cracking
procedures was a very accessible undertaking in terms of equipment,
costs and execution.”


The new Wi-Fi attack builds on previous findings[2]
by Jens “atom” Steube in 2018 that involve capturing what are called
the PMKIDs associated with a client (aka SSID) in order to attempt
a brute-force attack using password recovery tools like
hashcat.

PMKID is a unique key identifier[3]
used by the access point (AP) to keep track of the pre-shared key
(i.e., the pairwise master key, aka PMK) being used for the client.
PMKID is a derivative of the AP’s MAC address[4], the client’s MAC
address, PMK and PMK Name.

“Atom’s technique is clientless, making the need to capture a
user’s login in real time and the need for users to connect to the
network at all obsolete,” Hoorvitch said in the report.
“Furthermore, it only requires the attacker to capture a single
frame and eliminate wrong passwords and malformed frames that are
disturbing the cracking process.”

The collected hashes were then subjected to a “mask attack” to
determine if cell phone numbers were used as Wi-Fi passwords, a
practice common in Israel, uncovering 2,200 passwords in the
process. In a subsequent dictionary attack[5]
using “RockYou.txt[6]” as a password source,
the researcher was able to crack an additional 900 hashes, with the
number of breached passwords decreasing as the password length
increased.

A successful compromise of the Wi-Fi network could enable a
threat actor to mount man-in-the-middle (MiTM) attacks to gain
access to sensitive information, not to mention pivot laterally
across the network to breach other critical systems that are
connected to the same network.

“The lesson here? The longer the password, the better,”
Hoorvitch said. “A strong password should include at least one
lower case character, one upper case character, one symbol, one
digit. It should be at least 10 characters long.”
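
An added example, not taken from the article or the CyberArk report: a Python check of a candidate Wi-Fi passphrase against the two weaknesses described above (mobile-number pattern, wordlist membership) and against the length and character-class advice in the quote. The `05` plus eight digits number format, the four-entry sample wordlist and the name `audit_passphrase` are assumptions made for illustration.

```python
import math
import re
import string

# Assumption: mobile numbers are 10 digits starting with "05".
PHONE_RE = re.compile(r"05\d{8}")
# Constructed stand-in for a leaked-password list such as RockYou.txt.
SAMPLE_WORDLIST = {"password", "12345678", "iloveyou", "qwertyuiop"}
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation + " ",
}


def audit_passphrase(passphrase, wordlist=SAMPLE_WORDLIST):
    """Return (findings, keyspace_bits) for a candidate Wi-Fi passphrase."""
    used = [name for name, chars in CLASSES.items()
            if any(c in chars for c in passphrase)]
    findings = []
    if len(passphrase) < 10:
        findings.append("shorter than 10 characters")
    findings += [f"no {name} character" for name in CLASSES if name not in used]
    is_phone = PHONE_RE.fullmatch(passphrase) is not None
    if is_phone:
        findings.append("matches mobile-number mask")
    if passphrase.lower() in wordlist:
        findings.append("present in wordlist")
    if is_phone:
        # The mask fixes the "05" prefix, so only 10**8 candidates remain.
        bits = math.log2(10 ** 8)
    else:
        # Upper bound: (size of the character classes used) ** length.
        alphabet = sum(len(CLASSES[name]) for name in used) or 1
        bits = len(passphrase) * math.log2(alphabet)
    return findings, round(bits, 1)


if __name__ == "__main__":
    for candidate in ("0541234567", "iloveyou", "Tr4ffic-Cone!Blue"):
        print(candidate, audit_passphrase(candidate))
```

The bit count is an upper bound on guessing work; a wordlist hit means the real cost is far lower than the figure suggests.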

References

  1. said (www.cyberark.com)
  2. previous findings (hashcat.net)
  3. unique key identifier (en.wikipedia.org)
  4. MAC address (en.wikipedia.org)
  5. dictionary attack (en.wikipedia.org)
  6. RockYou.txt (en.wikipedia.org)
