Viruses to infect Wi-Fi networks in 2008?

[Ross101]

Researchers at Indiana University have warned of the increased opportunity for hackers resulting from the spread of Wi-Fi. The researchers were specifically talking about the new breed of city-wide Wi-Fi networks where thousands can be logged on simultaneously, but the principle can also be applied to smaller-scale public hotspots.

What's more, the researchers think such a threat could piggyback across multiple Wi-Fi networks too, taking over thousands of networks in one fell swoop. The researchers think such an attack would easily spread by guessing admin passwords that simply haven't been changed. In fact, they estimate that 36 per cent of passwords could be guessed.

"The issue is that most of these routers are installed out of the box very insecurely," said Steven Myers, an assistant professor at Indiana University told the IDG News Service. He's got a point; most manufacturer's instructions don't even tell you how to change the admin username and password from the default settings, meaning anybody who can access your wireless network can change your settings. And if you don't have security enabled, that's bad news. Even if you have, it might not stop such an attack: WEP encryption is old news to hackers.

The potential attack could install new firmware on routers, meaning they could in turn attack other networks. However, there is one caveat to this - to the knowledge of the researchers, no code has yet been written to carry out such an attack.

AdvertisementGet secure when using open networks
Wi-Fi hacking has been in the news at various points over the past year or two, most notably when a hacking expert demonstrated how easy it is to intercept email over a Wi-Fi connection at last year's Black Hat security convention.

At the time, Robert Graham, CEO of Errata Security, accessed the Gmail of a 'victim' in front of the press. What was worrying about the demonstration was just how simple it was. First, Graham ran Ferret to sniff out the packets of data on the open Wi-Fi network set up for the expo. It copied the cookies being sent across the access point. Graham then copied these into his browser with a tool called Hamster.

As he had the cookie, he could then gain password-less access to mail accounts. Graham demonstrated the methodology against different webmail providers. At that rate, we might all be using VPNs on public networks in a few years time.

Viruses to infect Wi-Fi networks in 2008? - News - Tech.co.uk

we could all be hacked via our wii wi-fi

[nutter]

wow... that sucks... im safe though my router doesn't broadcast it's there no one but the person who knows the name can see it wooooo

[ace_dynamo]

Yeah but I think there are programs that can still get your SSID name even if the router doesn't broadcast it. I know my Dell PDA with it's standard software can at least tell me if there is a network nearby, regardless of whether the SSID is being broadcast or not.

[nutter]

ah well, better go into the settings and up the security i'll just turn everything on... j/k...

I'm sure before this happens (now they've said it can) two things will happen.

1) Hackers will attempt to write this coding..
2) Security companies will attempt to write this coding...then find a way to stop it...

[kungfumaster]

do you think there may be a conspiracy among anti-virus companies? after all if there is no virus' then they are out of business.

[Gukophoto]

Well as a random note,

When I was reading that about 36 percent of passwords could be hacked. I was on holiday well a university field trip. I needed internet access. I asked the hotel if we could borrow their wifi access, they said no!.

10 seconds later by putting the hotel name in the passord box, I was online on my own laptop. Too many people, use addresses, businesses or family names as passowrds

A

[nutter]

it's because they're not clever.... as soon as i got my wireless router i started changing all the passwords for anything i could get my hands on, and i didnt even know what halve of it was for when i did it... i just wanted it secure...

But most people are like... *plug in* woo it works, its safe

[Scotty32]

arnt most Wifi's completely open?

and if people have shared folders on their computer - yay instant access.

Quote:

Originally Posted by kungfumaster

do you think there may be a conspiracy among anti-virus companies? after all if there is no virus' then they are out of business.

do you think if we all moved to linux, the world would be more secure?

[monkey]

hmm, well I suppose it was only a matter of time really. Hopefully someone will come up with something more secure.

Some people are really quite silly about their wireless though. I hate to think how many times I've accidentally connected to a neighbours broadband when I thought it was my own. I even accidentally logged into their router once as there was no password (they had the same one as me and I didnt realise I was connected to theirs)

[wiimadjay]

so how did you realise it was there's if exactly the same