Blogger templates

June 03, 2015

Complete Information About Chameleon Virus



The past few days there's been a lot of buzz about a virus called Chameleon with spreads like common cold, between Wireless Access Points . Chameleon is the product of the University of Liverpool’s School of Computer Science and Electrical Engineering and Electronics and shows for the first time that WiFi networks can be infected with a virus that moves through the air, jumping from access point to access point.

WiFi access points have long been known to be potentially weak spots onto networks, often left unprotected by passwords or encryption, or still using the manufacturer’s or telecoms operator’s default security codes. But up until now, there hasn’t been a virus that could attack a WiFi network.

Chameleon behaves just as a disease would in a viral outbreak, moving faster through cities with dense populations, where access points (and humans) are closer together. The computer scientists simulated its outbreak in Belfast and London and found that in the higher density of London, the connectivity between devices was a more important factor than how susceptible the access points were.

The malware was also able to avoid detection and find the other visible WiFi access points from its current location that were least protected by encryption and passwords.

It propagates in the following sequence:

  1. It Establish a list of susceptible APs within the range
  2. Bypass any encryption Security on the targeted AP
  3. Bypass the administrative interface on the targeted AP
  4. Identify and Store AP System Settings
  5. Replace the AP firmware on with the virus-loaded firmware.
  6. Import the victim original AP System Settings on newly loaded firmware
  7. Let's Propagate! Back to Step one to next Target.
The Chameleon attack is a serious threat for WiFi network security. The research shows that this kind of attack is undetectable to any Antivirus and Wireless Intrusion Detection System (IDS). However, the virus itself doesn’t exist in the wild and created for the demo purpose in the research lab only, though it is very likely that a malicious version could be created and released into the wild by cyber criminals and malware writers. To know more about the Chameleon you can have a look at the white paper  released by the researchers

0 comments:

Post a Comment