About KRACK

Security Awareness

What you should know about VPNFilter Malware…

Symantec posted an alert yesterday (23 May 2018) entitled “VPNFilter: New Router Malware with Destructive Capabilities” that details a “new threat which targets a range of routers and NAS devices … capable of knocking out infected devices by rendering them unusable.” (https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware).

Luxul’s number one concern during an alert like this is the protection of its customers.

“We are investigating this Malware as it pertains to Luxul products. At this time we haven’t heard any reports nor are we seeing any effects of this Malware to our products. If this changes we will be communicating to our customers immediately,” says Dan Haab, Vice President of Design Engineering & Product Innovation at Luxul.

The alert from Symantec also indicated that “most of the devices targeted are known to use default credentials and/or have known exploits, particularly for older versions.” Luxul recommends that dealers follow industry best practices, including changing administration passwords during installation to not be the default and to work with customers to change already installed routers’ passwords periodically. It is also highly recommended that router software is regularly updated. Luxul provides industry leading tools to assist dealers in servicing their customers’ networks for such activities.

An update posted today (24 May 2018) by Symantec indicates the “FBI has announced that it has taken immediate action to disrupt the VPNFilter, securing a court order, authorizing it to seize a domain that is part of the malware’s command-and-control C&C infrastructure.”

Be sure to follow Luxul on social media or sign up for their mailing list to be informed of any updates for this particular malware.


What Is KRACK?

KRACK is essentially a weakness in the Wireless Protected Access 2 (WPA2) system—the system that secures the Wi-Fi connection between a router and computer. This weakness enables attackers to eavesdrop on unencrypted traffic, inject malware into otherwise legitimate websites, or even manipulate new data on a Wi-Fi network when the WPA2 system breaks down.

As the industry’s most popular security standard for 802.11 wireless networks, this weakness in the WPA2 system could affect a wide range of Wi-Fi users. This said, an attacker would physically have to be within range of a target Wi-Fi network in order to carry out an attack, thus making the vulnerability much less threatening.

KRACK was discovered in September 2017 and announced to businesses and consumers in early October. After hearing that announcement in early October, Luxul’s team of engineers worked feverishly—nights and weekends—to create a patch to protect users from this unfortunate bug. In early December, firmware updates to secure all Luxul devices vulnerable to KRACK were made available to the public and can be accessed on our Firmware Updates page. These patches secure all wireless routers and access points; other products on your network infrastructure are not vulnerable to the KRACK weakness.

Luxul’s number one concern during an emergency like KRACK is the protection of its users. We wanted to first make the issue known to our customers so no one was left in the dark, then we made it our top priority to create and push out a solution for the problem.
We don’t know when the next emergency will arise or what it will be, but we can tell you Luxul will do whatever it takes to protect its customers. Our guarantee.