Slashdot Mirror

← Back to Stories (view on slashdot.org)

Scientists Demonstrate Virus That Spreads Across Wi-Fi Access Points

Posted by Soulskill on from the proof-of-concept dept.

An anonymous reader writes "Researchers at the University of Liverpool have shown for the first time that WiFi networks can be infected with a virus that can move through densely populated areas as efficiently as the common cold spreads between humans. The team designed and simulated an attack by a virus, called 'Chameleon,' that not only could spread quickly between homes and businesses, but avoided detection and identified the points at which WiFi access is least protected by encryption and passwords. The research appears in EURASIP Journal on Information Security." The technical details are explained in the journal article.

12 of 68 comments (clear)

  1. Keyword; simulated by complete+loony · · Score: 3, Insightful

    Sure it's easy to model the spread of a virus. It's another thing entirely to write one that can run on every commodity access point, with sufficient CPU power to crack all nearby passwords / keys.

    --
    09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
    1. Re:Keyword; simulated by khasim · · Score: 3, Informative

      My problems with TFA are:

      1. Are they being paid by the word because they're throwing massive amounts of bullshit into it.

      2.

      A new form of compromised AP attack has been demonstrated and analysed in [4], called the 'Chameleon' attack, perpetrated by the Chameleon virus.

      That would be a "worm". Not a "virus". And a worm that attacks WiFi routers is NOT new.

    2. Re:Keyword; simulated by khasim · · Score: 5, Informative

      Worms hop from system to system without the need for any human interaction. They exploit vulnerabilities in services listening on ports. Worms need a network.

      A virus infects other files with copies of itself. But an uninfected machine still needs someone to run one of those files on the uninfected machine to infect the uninfected machine.

      Viruses are a lot less common now. Mostly you see trojans and worms and "blended" threats that are a mix of trojans and worms.

    3. Re:Keyword; simulated by Zero__Kelvin · · Score: 3, Insightful

      "You're using your own personal definition of virus unlike the rest of the world."

      Oh, the irony. You just randomly made up your own definitions after accusing the (much more correct) OP of the same.

      "A worm generally causes no damage and just likes to spread."

      There is no stipulation regarding payload or lack therof for a worm. What makes it a worm rather than a virus is that it is an independant, stand alone program or file that doesn't attach itself to a host program or other file.

      " Virii generally cause damage and spread."

      Again, no payload stipulation is appropriate. What makes it a virus is that it attaches to a host program or other file and spreads by attaching to other host programs or files.

      "Still a worm though, because that overload was a bug, not a feature."

      Again, no. The RTM Worm was a worm because it did not attach to other programs; it was an independant program. Payload has absolutely nothing to do with it. The trouble it caused could have been quite intentional and that wouldn't change a thing. It was a worm regardless of the payload or lack therof.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  2. A Wifi Virus?! by Anonymous Coward · · Score: 3, Funny

    We shall call it...the Flappy Bird Flu.

    You're welcome.

  3. PostScript Virus by Greyfox · · Score: 5, Funny

    I wanted to do something like that on network-attached postscript printers a few years back, but didn't have an easy way to open a network socket in PostScript. My virus would have moved from printer to printer and done nothing else except replace every instance of the word "Strategic" with the word "Satanic" on printed documents.

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  4. Re:It hides from detection? by AHuxley · · Score: 3, Insightful

    Would your average well coded antivirus behavioural detection software care a lot if your wifi rebooted a few times?
    No new data into the 'protected' OS, no OS changes, packets flowing in, out, network seems the same ...

    --
    Domestic spying is now "Benign Information Gathering"
  5. Re: Attack replaces firmware .. by Anonymous Coward · · Score: 4, Informative

    The article states chameleon attacks weakly protected acess points. If it finds a hardened one, like WAP, it moves on. It is a worm, not a virus, but the authors couldn't compare it to human contageon that way. I count myself lucky I never cought a worm. Virus, yes.

  6. Pure BS. Nothing to see here by markgamache · · Score: 5, Funny

    This is not science or IT security, it is pure PR crackpot FUD conjecture. The "Chameleon" virus doesn't exist. Please read my paper on my fake bluetooth virus. Bluetooth is MUCH more pervasive than Wifi. More cell phones than Wifi, more cars, and about the same number of computers. In my model, they all get infected and your wireless speakers, phones and computers play "It's a Small World" 24/7 until we all go crazy. It ends a lot like 28 Days later.

  7. Re:Back in 1990.. by Ol+Olsoc · · Score: 3, Funny

    A cow-orker in another department and I wanted to come up with software

    How exactly does one ork a cow?

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  8. Re:Back in 1990.. by EvilIdler · · Score: 3, Funny

    One orker on each side.

  9. Re:Back in 1990.. by baKanale · · Score: 3, Funny

    Very carefully.