On October 16, Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered a weakness in the most commonly used wireless security protocol, WPA2 called Key Reinstallation AttaCK, also known as, “KRACK“.
This is significant because WPA2 is widely used to secure Wi-Fi connections. The discovered weaknesses are in the WPA2 Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected.
The vulnerability, dubbed “KRACKs” (Key Reinstallation AttaCKs), is actually a group of multiple vulnerabilities that when successfully exploited, could allow attackers to intercept and steal data transmitted across a Wi-Fi network. Digital personal information that is transmitted over the Internet or stored on your connected devices – such as your driver’s license number, Social Security number, credit card numbers, and more – could be vulnerable.
We strongly recommend that users install and use a WiFi Privacy VPN on all their PCs, MACs and mobile devices before connecting to ANY Wi-Fi network.