A place for all things security.

Flaw in router chipset leads to easy WIFI hacking

Aug 31, 2014 // Andrew Stroup

A flaw found by Oxcite in some router chipsets now let hackers bypass the push-button security of WiFi Protected Setup (WPS) nearly instantly. What used to be a difficult task of trying to grab inbound or outbound data packets to crack the password, hackers now can take a single shot based on a series of offline calculations that take only about a second to complete.

Fortunately, this vulnerability in the hardware isn’t in every router, but it’s likely found in relatively common chipsets from Broadcom and others that have yet to be named (as they rush to patch the issue). Ars Technica chimes in and notes the flaw is likely due to a wireless networking implementation issue rather than the technology itself.

Bottom line, turn off your router’s WPS and work out of the native router setup.