If you turn on WiFi, will your phone be fatally attacked?

In the early hours of this morning Beijing time, the developer of the Android system's wpa_supplicant component announced that the vulnerability in wpa_supplicant had been fixed and thanked the Alibaba Security Research Team.

While studying the WiFi protocol, Alibaba Security Research Lab recently discovered a buffer overflow in wpa_supplicant, the Android system's WiFi component (software that supports wireless connection authentication). The flaw can allow remote code execution on Android devices that have WiFi and WLAN direct connection capabilities (such as mobile phones, tablets and smart TVs). Android versions 4.0 and 5.0 are the most affected.

After the vulnerability was discovered, Alibaba Security Research Lab immediately submitted the relevant details of the "WiFi Killer" vulnerability to Google, and Google promptly notified the developer of the Android system's wpa_supplicant component.

As long as WiFi is turned on, mobile phones and similar devices may be vulnerable to remote, fatal attacks.

1. When an Android device turns on WiFi, it broadcasts its MAC address to the surrounding area. At the same time, WLAN direct connection is turned on by default on most mobile phones.

2. Attackers can easily capture the device's MAC address and WLAN direct connection address with dedicated scanning tools.

3. After obtaining the WLAN direct connection address, the attacker can connect to the Android device remotely without the user's knowledge.

4. The attacker can then send malicious messages or Trojans to the target device, steal photos, address books and other private information from the device, or even take direct control of the phone.

As a result, attackers can remotely launch fatal attacks as long as the Android device has both WiFi and WLAN direct connection turned on (most Android phones turn on WLAN direct connection by default when WiFi is turned on), and the user remains unaware of the entire process.

To deal with the "WiFi Killer" vulnerability, Ali Qiandun experts offer 1 point of concern and 4 suggestions

The "WiFi Killer" vulnerability is the most high-risk vulnerability in 2015. Google and other manufacturers released security patches in the early hours of the morning, but because customized versions of Android differ from one another, Android phone manufacturers are expected to release their upgrades one after another over time. In the meantime, the vulnerability can leak users' private information, which may lead to users being defrauded or having account funds stolen. This is a huge risk.

To deal with the "WiFi Killer" vulnerability and better protect user security, Ali Qiandun engineers are working hard on a complete solution. A dedicated "WiFi Killer" vulnerability detection and repair tool will be launched in the near future. Please follow Ali Qiandun's official Weibo and website, and we will notify users as soon as possible.

At the same time, Ali Money Shield also recommends that users:

1. Install the latest Android system patch as soon as possible to fix the vulnerability;

2. Do not use the WLAN direct connection function of Android phones to transfer and share files;

3. Try to turn off the WiFi function of your mobile phone in public places; it is best to use the mobile network to access the Internet;

4. Install mobile security software such as Ali Money Shield to prevent virus and Trojan intrusion based on the "WiFi Killer" vulnerability.
