Tech Support
Documentation
Login
Contact Us
WiKI-Eve Attack Steals Numeric Passwords with 90% Accuracy
Wajahat Raja
September 28, 2023 - TuxCare expert team
Our dependency on Wi-Fi networks has risen enormously in this age of technological innovation. But with innovation comes new threats. This blog delves into the startling discovery of the WiKI-Eve attack, which can steal numeric passwords with an astonishing 90% accuracy. We’ll look at how this assault works and talk about cyber attack mitigation and how to protect your data in an ever-connected environment.
The WiKI-Eve Attack
Consider a scenario in which an attacker can intercept clear-text transmissions from smartphones linked to contemporary Wi-Fi routers and distinguish individual numeric keystrokes with a whopping 90% accuracy. This is exactly what the Wiki-Eve malware does. The attackers make use of a 2013 feature known as BFI (beamforming feedback information), which allows devices to share their positions with routers to improve signal accuracy.
BFI: A Double-Edged Sword
While BFI was intended to improve Wi-Fi performance, it inadvertently introduces a vulnerability. The data exchanged during BFI is in clear-text form, making it vulnerable to interception, all without the use of hardware hacking or encryption key cracking.
This security flaw was discovered by a group of university researchers from China and Singapore while examining the potential secrets that may be obtained from these communications. Their findings were astounding, placing high alert on updating data protection strategies. They could recognize numeric keystrokes with 90% accuracy, 6-digit numeric passwords with 85% accuracy, and complicated app passwords with 66% accuracy.
It’s worth mentioning that the WiKI-Eve attack targets numerical passwords explicitly. Although this may appear to be a limitation, a NordPass survey found that 16 of the top 20 passwords are only numbers.
Understanding the Wiki-Eve Attack Vector
WiKI-Eve is a real-time attack that requires the attacker to intercept Wi-Fi signals during password entry. This requires the victim to actively use their smartphone while seeking to access a specific app. Identifying the target necessitates the use of a network identity identifier, such as a MAC address, which requires some preliminary work.
Data Capture and Processing
During the primary portion of the attack, the attacker uses a traffic monitoring tool like Wireshark to grab the victim’s BFI time series as they type their password. Each keystroke strikes the Wi-Fi antenna beneath the screen, producing a distinct Wi-Fi signal. While these signals are only a portion of the access point’s downlink CSIs, they provide adequate information about keystrokes.
Cyber Threat Intelligence and Machine Learning in Action
This security incident response included using machine learning to understand the attack. To solve obstacles, including typing style, typing speed, and nearby keystrokes, the researchers use machine learning, especially a “1-D Convolutional Neural Network.” This system is trained to recognize keystrokes consistently, regardless of typing style, using a concept known as “domain adaptation.”
Wiki-Eve attack analysis experiments with WiKI-Eve on a laptop and Wireshark demonstrated the attack’s feasibility. Furthermore, it was found that a smartphone may be used as an attacking device, but with limits in Wi-Fi protocols supported. Matlab and Python were used to analyze the collected data, with segmentation parameters optimized for the best results.
Results of the Experiment
Threat intelligence reports revealed that when applying sparse recovery techniques and domain adaptation, WiKI-Eve’s keystroke classification accuracy remained consistent at 88.9%. WiKI-Eve obtained an 85% success rate in less than a hundred attempts for six-digit numeric passwords, consistently exceeding 75% in varied scenarios.
The distance between the attacker and the access point is an important factor impacting WiKI-Eve’s performance. The successful guess rate dropped by 23% when the distance was increased from 1 meter to 10 meters.
WeChat Pay Vulnerability
The researchers also put WiKI-Eve in a realistic attack scenario by attempting to extract user credentials for WeChat Pay. The results were unsettling, with WiKI-Eve accurately guessing passwords 65.8% of the time. The algorithm correctly predicted the correct password among its top 5 guesses in more than half of the tests, giving attackers a 50% chance of getting access before the app locks. This highlights the importance of implying network security measures.
Protecting Your Numeric Passwords
In a world where cyber dangers are always growing, data breach prevention becomes critical. As the WiKI-Eve attack highlights the vulnerability of numeric passwords, preventing data leaks, therefore, entails using stronger, alphanumeric passwords. Furthermore, to reduce the danger of being a victim of such attacks, keep your Wi-Fi network security standards up to date and employ reputable security solutions. Understanding AI in cybersecurity defense should also be prioritized.
Conclusion
As malicious data exfiltration threats develop in the digital realm, it is critical to keep informed and proactive in securing your sensitive information. The WiKI-Eve attack reveals a vulnerability that can be exploited without compromising access points. Attackers can deduce secrets with surprising precision by using network traffic monitoring technologies and machine learning.
Improved security measures, including malware detection techniques for Wi-Fi access points and smartphone apps, are required to mitigate this threat. These methods may include keyboard randomization, data traffic encryption, signal obfuscation, CSI scrambling, Wi-Fi channel scrambling, and others.
Strengthen your defenses against potential breaches and data theft by studying the WiKI-Eve assault and implementing recommended security practices.
The sources for this piece include articles in VPN Mentor and BleepingComputer.
