Dragonblood: First Wi-Fi WPA3 Vulnerabilities Revealed

In October 2017, it unexpectedly turned out that the Wi-Fi Protected Access II (WPA2) protocol for encrypting Wi-Fi traffic contained a serious vulnerability that allows revealing user passwords and then listening to the victim's data exchange. The vulnerability was named KRACK (short for Key Reinstallation Attack) and was identified by experts Mathy Vanhoef and Eyal Ronen. After KRACK was discovered, it was closed with corrected device firmware, and the WPA3 protocol, which replaced WPA2 last year, was supposed to make security problems in Wi-Fi networks a thing of the past.


Alas, the same experts have discovered no less dangerous vulnerabilities in the WPA3 protocol. So once again users have to wait and hope for new firmware for wireless access points and devices, or else live with the knowledge that home and public Wi-Fi networks are vulnerable. The vulnerabilities found in WPA3 are collectively known as Dragonblood.

The root of the problem, as before, lies in the connection establishment mechanism, or “handshake”, as the standard calls it. In the WPA3 standard this mechanism is called Dragonfly. Before the discovery of Dragonblood, it was considered well protected. In total, the Dragonblood set comprises five vulnerabilities: one denial of service, two downgrade vulnerabilities that reduce network protection, and two side-channel vulnerabilities.



Denial of service does not lead to data leakage, but it can be a nuisance for a user who repeatedly fails to connect to an access point. The remaining vulnerabilities allow an attacker to recover the password a user uses to connect to an access point and to track any information that is critical to the user.

Downgrade attacks force a switch to the older WPA2 protocol or to weaker variants of the WPA3 encryption algorithms, after which the attack continues using known methods. Side-channel attacks exploit peculiarities of the WPA3 algorithms and their implementation, which ultimately also allows the use of previously known password cracking methods. Read more here. The Dragonblood Vulnerability Toolkit can be found at this link.


The Wi-Fi Alliance, which is responsible for developing Wi-Fi standards, has been made aware of the vulnerabilities found. It is reported that hardware manufacturers are preparing modified firmware to close the security holes discovered. Replacement and return of equipment is not required.




Source: 3dnews.ru
