updated 12:00 am EST, Wed December 28, 2011
Flaw makes for easier brute-force attacks
The US Computer Emergency Readiness Team (US-CERT) has reportedly issued a warning regarding a vulnerability in Wi-Fi routers that use Wi-Fi Protected Setup (WPS) PINs. The security flaw, which was said to be discovered by security researcher Stefan Viehbock, enables hackers to easily gain access to routers by using brute-force attacks and software tools to guess the PIN codes.
Although routers require users to enter an eight-digit PIN, which should conceal the true number among 100 million possibilities, the current technology is said to effectively weaken the protection down to a point that can be hacked with a maximum of 11,000 attempts.
When a user makes an incorrect PIN guess, the system responds to the client with a message that reportedly provides notification if the first half of the PIN was correct. The message also reveals the last digit of the PIN as a checksum.
"It has been reported that some wireless routers do not implement any kind of lock out policy for brute force attempts," the US-CERT warning said. "This greatly reduces the time required to perform a successful brute force attack."
Viehbock suggests select routers from D-Link, Netgear, Linksys and Buffalo are vulnerable to the brute force attacks. He claims to have been ignored by the hardware vendors, despite developing a Python tool that can break the code in just a few seconds. [via Threat Post]