Recently, a researcher discovered a few security holes in a WiFi chip (Marvell Avastar 88W8897) used in BILLIONS of devices and computers. They include: Sony PlayStation 4, the Xbox One, Microsoft’s Surface laptops, Samsung’s Chromebooks, the Samsung Galaxy J1 smartphones, Valve SteamLink cast devices, some laptops, several routers other embedded devices, and network access hardware.

This security hole allows hackers to secretly inject malicious code into that Wifi chip, which in turn can be further exploited to inject more malicious code into the device/computer. The user merely have to (1) turn on WiFi and (2) get within physical Wifi radio range of the hacker to get compromised. The user don’t have to do anything to get hacked. It will happen silently and automatically.

The good news is, the hacker can not compromise your device/computer remotely via the Internet. He needs to be within physical proximity range to do that. Furthermore, there is no one-size-fit-all hack for all types of devices/computers. Each type of device/computer requires customised hack. Therefore, for now, your chances of being hacked is very low because the likelihood of such an advanced hacker within your vicinity is very low. But as time goes by, the likelihood will increase as knowledge spread within the underground hacker community.

Currently, what is unclear is whether this security hole can be patched with a firmware update (that is, an update of the software running inside the WiFi chip). If not, billions of devices/computers will be permanently vulnerable. Even if this problem can be fixed with a firmware update, device/computer manufacturers (especially the obscure ones) may not be willing or able to deploy them.

The security researcher have yet to provide full details of the security holes, but you can be sure that advanced hackers will be working on how to exploit them and writing software to enable the junior hackers to do that.

What you can do: remember to turn OFF Wifi wherever possible. I know this is not always feasible, but for the moment, it is the only thing you can do.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Security holes discovered in WiFi chip in BILLIONS of devices/computers

DON'T GET HACKED!

Leave a ReplyCancel reply

DON'T GET HACKED!

Related Post

Leave a ReplyCancel reply

Discover more from iSecurityGuru