Consumer, Consumer Threat Notices

Chameleon: the Wi-Fi Virus That Hides in Plain Sight and Spreads Like a Cold

5
By on Mar 05, 2014

Recently, a group of researchers at the University of Liverpool successfully tested a new virus with a terrifying potential. It doesn’t spread by the usual means, but this new infection has all the markings of a communally spread illness. The virus, dubbed “Chameleon,” infects Wi-Fi networks in densely populated areas and spreads “as efficiently as the common cold spreads between humans.” Chameleon is heralding in a new era of technological viruses, and one that we must prepare for.

Unlike most malware and viruses previously discussed on my blog, Chameleon doesn’t infect computers or mobile devices. Instead, it opts to infect access points. Access points are outlets within a network where a device, whether wirelessly or not, connects to the Internet. In this case, Chameleon purposefully targets access points—usually in the form of a wireless router—that uses default passwords, no passwords or weak encryption standards. Once an access point is infected, a hacker can easily determine the credentials of the devices connected to that access point and use that to further perpetuate their attack.

These access points are particularly vulnerable for a few reasons: 1) the default settings on these devices are rarely changed by consumers, making it easier for hackers or viruses to bypass security with known default passwords; 2) routers rarely have any built-in antivirus protections, leaving a massive hole open for exploitation by hackers; and finally, 3) many wireless networks, especially those at coffee shops, are intentionally left open for people to easily access the connection. The unsecured nature of public networks makes them a lucrative target for hackers looking to collect a large amount of data fast.

At present in the U.S., this threat is only a proof-of-concept (in that it hasn’t actually been discovered publically, or in the wild, and was instead created by researchers in a controlled environment). In Asia and Europe, however, actual attacks on home office wireless routers are very much a reality. This week, an attack on more than 300,000 routers was discovered overseas. This attack stems from a different virus than the Chameleon strain discussed here—but it goes to show the threat is very real. The sheer number of home routers and gateways that are vulnerable to attacks makes them a very attractive target to cybercriminal groups.

And, as with a cold, the success of this virus depends on population density. The more Wi-Fi networks with overlapping access points, the more likely an infection will occur and more likely the virus will spread. What’s worse is Chameleon can spread largely undetected precisely because it infects wireless networks, not computers or smartphones where security programs can pick up on the suspicious behavior. All it has to do is infect a router and wait to collect data sent through the router from connected devices.

Luckily, were Chameleon ever to see the light of day, it could easily be defended against. All users have to do is secure their network router with strong, unique passwords.

We’ve discussed the importance of securing your networks and your devices before. The advent of the airborne computer virus only reinforces that point because, in all likelihood, it’s only a matter of time until a virus like Chameleon hits the streets.

So what can you do to protect yourself against Wi-Fi viruses such as this one? Here are a few suggestions:

  • Protect your Wi-Fi network with a password. The good news about Chameleon is that it’s fairly easy to defeat: just secure your network by placing a password on your wireless router. It’s just another reason to take standard security steps to head off hackers.
  • Control which devices have access to your wireless router. In your router’s advanced settings, you can restrict access to just your family’s devices by using MAC address filtering. Manufacturers typically set this filtering feature to “off” as it requires a bit of effort to set up, but the extra step is well worth it to protect your data and devices. For additional tips on protecting your wireless connection, go here.
  • Avoid using public networks. There are plenty of reasons to avoid using public networks, but Chameleon underlines one in particular: you don’t know if that public connection is protected, sufficiently encrypted or if it has been compromised. That uncertainty can cost you your banking and social information—while leaving your device equally exposed. If you can’t avoid using public networks, then protect your devices, from laptops to smartphones, with McAfee LiveSafe.

And, as always, stay informed on the latest in cybersecurity news. To keep up with the latest trends that concern you, follow us @McAfeeConsumer on Twitter and Like us on Facebook.

Gary Davis