Amazon Echo and Kindle Devices Affected by KRACK WiFi Bug
Millions of Amazon Echo 1st generation and Amazon Kindle 8th generation devices are vulnerable to an old WiFi vulnerability called KRACK that allows a hacker to perform a man-in-the-middle attack against a WPA2-protected network. KRACK, or Key Reinstallation Attack, is a vulnerability in the 4-way handshake of the WPA2 protocol that was disclosed in October 2017. Hackers can decrypt packets sent by clients to steal sensitive information sent in plain text. Any traffic that is itself encrypted before being sent over the wireless network is still protected from snooping. Hardware manufacturers needed to release new firmware for the affected devices to fix the flaw.
Researchers at ESET discovered that Amazon Echo 1st generation and Amazon Kindle 8th generation devices are still affected by the KRACK vulnerability. They were able to replicate the reinstallation of both the pairwise encryption key and the group key (GTK) in the four-way handshake. They were able to replay old packets to execute a DoS attack and disrupt network traffic, and they were also able to decrypt data transmitted by the victim.
Amazon was able to replicate the bugs. Amazon issued and distributed a new version of wpa_supplicant, the software application on the client device responsible for correct authentication to the Wi-Fi network. Most users should already have this update, but it is strongly advised that all users go into their Echo and Kindle settings and make sure they are using the latest firmware.