Do you know, A Computer virus could go Airborne over Wi-Fi networks? Security researchers at the University of Liverpool in Britain have demonstrated a Wi-Fi virus that can spread between computer networks just like the ‘common cold‘ spreads between Humans.
They have created a proof-of-concept which can infect the entire wireless network instead of a single computer at a time, that replaces the firmware of the vulnerable Access Point (AP) with a virus-loaded version, and then propagates itself to the next victim on the WiFi network.
The Wi-Fi based virus named as ‘Chameleon‘, that can self-propagate over Wi-Fi networks from access point to access point, but doesn’t affect the working of the Wireless Access Point.
This Virus is able to identify Wi-Fi access points that are not protected by encryption and passwords, according to the research paper. It can badly hit less-protected open access Wi-Fi networks available in coffee shops or airports.
The experimental simulated demonstration was performed in two cities i.e. Belfast, NI and London, England.
A random access point was made infected with the virus which act as a seed, the results were published in the paper. The Chameleon attack is a serious threat for Wi-Fi network security. The research shows that this kind of attack is undetectable to any Antivirus and Wireless Intrusion Detection System (IDS).
“Hence, this attack is considered advanced and difficult to detect, as IDS rogue AP detection methods typically rely on a change in credentials, location or traffic levels.”
The Density of Access points in a certain geographical area increases the security issues for wireless networks, because it spreads very quickly at high speed in an area having denser Access Point availability.
“WiFi connections are increasingly a target for computer hackers because of well-documented security vulnerabilities, which make it difficult to detect and defend against a virus,” says Marshall, Co-author of the research paper.
However, the virus itself doesn’t exist in the wild and created for the demo purpose in the research lab only, though it is very likely that a malicious version could be created and released into the wild by cyber criminals and malware writers.