Check Your Asus and Huawei Routers to Fix This Wi-Fi Vulnerability
Another major firmware bug has been discovered that leaves billions of phones, routers and other wireless devices from Apple, Google, Amazon open to spying.
The bug, known as “Kr00k”, was discovered by data security firm ESETt and covered in a recent article . Kr00k affects the way certain Wi-Fi chips are encrypted; when the affected Wi-Fi device is disconnected, the current communication remains incorrectly encrypted with only 0s key that can be easily decrypted. Hackers can destabilize the Wi-Fi signal to cause an error and then intercept and read bits of sensitive data. ( Ars Technica ‘s Kr00k bug report has additional technical details for those interested.)
While it will be difficult for hackers to use the information collected in this way, it is still a big security risk and users should take the necessary steps to keep their devices secure by installing the latest updates. While most of your devices can (or have been) fixed with a software patch, you should make sure to use the latest firmware for your Wi-Fi routers, at least as they don’t automatically update frequently.
Here is a list of products with a confirmed Kr00k bug:
Phones and tablets
- Amazon Kindle 8th generation
- Google Nexus 5, 6 and 6S
- iPad mini 2
- iPhone 6, 6S, 8, XR
- Samsung Galaxy S8 and S4 GT-I9505
- Xiaomi Redmi 3S
Routers
- Asus RT-N12
- Huawei B612S-25d
- Huawei EchoLife HG8245H
- Huawei E5577Cs-321
Other devices
- 2nd generation Amazon Echo smart speaker
- Apple MacBook Air Retina 13-inch (2018)
- Raspberry Pi 3
It is possible that other devices are carrying the bug as well, so you should make sure that your Wi-Fi-loving devices are using the latest firmware or software updates from their manufacturers. And if there aren’t any new ones available, make a note to come back in a month or so (just in case).
It is also recommended that users enable DNS over HTTPS (DoH) in their device’s web browsers, if available, so that attackers do not see which websites you visit. You can check out our DoH and Wi-Fi Security Guides for more information.