Security bug could let attackers snoop on Wi-Fi traffic
The vulnerability called Krook affected Wi-Fi chips from Broadcom and Cypress.
A new security vulnerability called Krook could have let attackers intercept and decrypt some Wi-Fi traffic. The bug affected Wi-Fi chips from Broadcom and Cypress that are used in devices like phones and laptops , as well as some access points and routers, according to security researchers from antivirus firm ESET. They estimate up to a billion devices could have been vulnerable to Krook.
The good news? Broadcom and Cypress have already released updates to patch the vulnerability, according to ESET. The firm said it also worked with industry groups to make sure potentially affected parties, including device manufacturers, were aware of Krook.
Before patches were issued, ESET researchers said they tested and confirmed that Krook impacted some devices from Amazon , Apple , Google , Samsung , Raspberry and Xiaomi , as well as access points from Asus and Huawei .
Broadcom and Cypress didn't immediately respond to requests for comment.
The exploit was detailed Wednesday by ESET researchers as part of the RSA security conference in San Francisco.