With all of that having been said and now out of the way, it is important to note that BFI (beamforming feedback information) is at the center of this new exploit. This refers to beamforming feedback information, allowing for more accurate location information, and directing signals specifically to the routers that requested them.
It turns out that a core component of BFI transmits this information in plain text, which makes it far easier to steal than might have been the case otherwise. Indeed, malicious actors might not even need to do any hacking or cracking to obtain the key to decrypt this data with all things having been considered and taken into account.
The researchers involved in this study are calling this Wiki-Eve, and it bears mentioning that it can detect keystrokes with as much as 88.9% accuracy. Furthermore, malicious actors don’t even need to install a rogue program which allows them to execute their attacks in greater quantities.
This is just the latest in a series of side-channel attacks that have come to the fore. Such attacks are placing an enormous strain on cybersecurity infrastructure, which is already facing considerable pushback from malicious actors around the world. The most important thing to remember here is that there is no telling where a new vulnerability might arise from, which makes it crucial to constantly check cybersecurity for gaps.
The only way to prevent Wiki-Eve from gleaning passwords through keystrokes is to encrypt the data that is sent through BFI. Failing to do so could lead to password theft becoming more commonplace. Using two factor authentication can also be seen as a positive step in the right direction since it creates an additional layer of security for all accounts.
Read next: Sick of Socially Engineered Attack Ads? This New Tool Might Be the Key
by Zia Muhammad via Digital Information World
No comments:
Post a Comment