We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

WiKI-Eve Attack Can Steal Passwords Over WiFi

WiKI-Eve Attack Can Steal Passwords Over WiFi
Author Image Husain Parvez
Husain Parvez Published on 14th September 2023 Cybersecurity Researcher

A new cyber attack dubbed “WiKI-Eve” has emerged, which allows attackers to steal a victim’s numeric passwords. This alarming discovery was brought to light in a paper compiled by a team of researchers from China and Singapore.

The attack capitalizes on the Beamforming Feedback Information (BFI) feature, which was first introduced with WiFi 5 in 2013. This allows devices to send information about their position to routers, so the latter can direct the signal efficiently. However, this data is not encrypted, and can easily be intercepted.

First, the attacker needs to identify their chosen victim on the network. As pointed out by BleepingComputer, the researchers explained that "Eve can acquire this information beforehand by conducting visual and traffic monitoring concurrently: correlating network traffic originating from various MAC addresses with users’ behaviors should allow Eve to link Bob’s physical device to his digital traffic, thereby identifying Bob’s MAC address”.

With this information, the attacker can deduce numeric passwords entered by the victim. Each time the user presses a key, it impacts the device’s WiFi antennas, which in turn impacts the WiFi signal. These events can be read in the unencrypted BFI data and used to infer which keys were pressed.

The accuracy of this attack is alarmingly high. The researchers demonstrated that the attack could identify numeric keystrokes with a staggering 90% accuracy. Furthermore, the tests revealed an 85% accuracy rate in deciphering six-digit numerical passwords and a 66% accuracy rate for more intricate app passwords. This study involved 20 participants, various phone models, and multiple typing styles.

However, the WiKI-Eve attack is not without its limitations. It requires the identification of the target on the network and has a limited window for execution. Another constraint is the distance, which was pointed out by BitDefender; increasing the gap between the attacker and the target from 1 to 10 meters reduces accuracy by 23%.

To counteract such threats, the researchers suggest encrypting data traffic (such as with a quality VPN), which would prevent attackers from obtaining BFI in cleartext.

About the Author

Husain Parvez is a Cybersecurity Researcher and News Writer at vpnMentor, focusing on VPN reviews, detailed how-to guides, and hands-on tutorials. Husain is also a part of the vpnMentor Cybersecurity News bulletin and loves covering the latest events in cyberspace and data privacy.