WiKI-Eve Attack: How Hackers Can Steal Your Wi-Fi Password

By Ava McKinneyOnline Safety

WiKI-Eve Attack Vector Allows Hackers to Steal Wi-Fi Passwords

A new attack vector called “WiKI-Eve” enables hackers to intercept plaintext data transmissions from smartphones connected to modern Wi-Fi routers and determine individual keystrokes with up to 90% accuracy. In other words, a potential attacker can extract device owners’ passwords.

This new method exploits the BFI (beamforming feedback information) feature, which was introduced in 2013 with Wi-Fi 5 (802.11ac). BFI allows devices to send routers information about their location. While this functionality helps routers direct signals more accurately, it has a significant flaw: the information exchange happens in plaintext, meaning an attacker can intercept and read it.

This vulnerability was highlighted by researchers from China and Singapore. Initially, the team was testing the possibility of extracting “secrets” from data transmission processes, but they discovered that the flaw allows them to identify keystrokes with 90% accuracy and decode six-digit passwords with 85% accuracy. More complex combinations can be obtained in 66% of cases.

It might seem that WiKI-Eve only works with numeric passwords, but the risk should not be underestimated. According to a NordPass study, 16 out of the 20 most common passwords consist only of numbers.

How the WiKI-Eve Attack Works

The WiKI-Eve attack involves intercepting Wi-Fi signals while a password is being entered. In other words, the attacker must wait for the victim to actively use their smartphone and launch a specific app.

The attacker also needs the victim’s device identifier on the network (such as a MAC address). In the main phase, the attacker captures the victim’s BFI time series during password entry, using tools like Wireshark.

Each time a user presses a key, it affects the Wi-Fi antennas, generating a specific signal. Since the recorded BFI time series can blur the boundaries between keystrokes, the researchers developed an algorithm to parse and recover the data.

Key Takeaways

  • WiKI-Eve exploits a vulnerability in the BFI feature of modern Wi-Fi routers.
  • Attackers can intercept and analyze Wi-Fi signals to determine keystrokes and steal passwords.
  • Numeric passwords are especially vulnerable, and many users rely on them.
  • Protecting your Wi-Fi network and using complex passwords can help reduce the risk.

Leave a Reply