WiKI-Eve Attack Can Steal Passwords Over WiFi

By Husain Parvez, Cybersecurity Researcher. Published on 14th September 2023.

A new cyber attack dubbed “WiKI-Eve” has emerged, which allows attackers to steal a victim’s numeric passwords. This alarming discovery was brought to light in a paper compiled by a team of researchers from China and Singapore.

The attack capitalizes on the Beamforming Feedback Information (BFI) feature, which was first introduced with WiFi 5 in 2013. This allows devices to send information about their position to routers, so the latter can direct the signal efficiently. However, this data is not encrypted, and can easily be intercepted.

First, the attacker needs to identify their chosen victim on the network. As pointed out by BleepingComputer, the researchers explained that “Eve can acquire this information beforehand by conducting visual and traffic monitoring concurrently: correlating network traffic originating from various MAC addresses with users’ behaviors should allow Eve to link Bob’s physical device to his digital traffic, thereby identifying Bob’s MAC address.”

With this information, the attacker can deduce numeric passwords entered by the victim. Each time the user presses a key, it impacts the device’s WiFi antennas, which in turn impacts the WiFi signal. These events can be read in the unencrypted BFI data and used to infer which keys were pressed.

The accuracy of this attack is alarmingly high. The researchers demonstrated that the attack could identify numeric keystrokes with a staggering 90% accuracy. Furthermore, the tests revealed an 85% accuracy rate in deciphering six-digit numerical passwords and a 66% accuracy rate for more intricate app passwords. This study involved 20 participants, various phone models, and multiple typing styles.

However, the WiKI-Eve attack is not without its limitations. It requires the identification of the target on the network and has a limited window for execution. Another constraint is distance, as pointed out by Bitdefender: increasing the gap between the attacker and the target from 1 to 10 meters reduces accuracy by 23%.

To counteract such threats, the researchers suggest encrypting data traffic (such as with a quality VPN), which would prevent attackers from obtaining BFI in cleartext.

About the Author

Husain Parvez is a Cybersecurity Researcher and News Writer at vpnMentor, focusing on VPN reviews, detailed how-to guides, and hands-on tutorials. Husain is also a part of the vpnMentor Cybersecurity News bulletin and loves covering the latest events in cyberspace and data privacy.