Researchers from Liverpool and Belfast have developed a new type of computer virus that targets WiFi access points and could be as contagious as the “common cold”.
The virus, known as a “Chameleon WiFi access point virus” targets WiFi access points that have not had their administrator passwords changed from the defaults “password”, “00000”, or “administrator” and gains access to them to install its own infected firmware.
Once a hacker is in control of the access point they can steal passwords, banking information, or otherwise tracks what those connecting to the internet through that WiFi connection are doing online.
Where this virus is different to previous WiFi access point viruses, is that once hackers have installed their infected firmware on one access point, that access point will automatically seek out and try to infect other wireless access points nearby with overlapping signals that are also vulnerable to attack.
In cities and towns where most homes have WiFi access points, this virus could theoretically jumps from building to building infecting access points and giving hackers access to people’s details all by itself, making it extremely contagious.
The researchers have built a proof of concept virus to demonstrate this threat, but are focusing their work on producing software that could be installed on WiFi access points to prevent this type of hijacking, with their work published in the EURASIP Journal on Information Security.