Bitcoin Forum

Other => Beginners & Help => Topic started by: mikeywith on March 14, 2019, 01:33:20 AM



Title: Save your crypto, Disable WPS!
Post by: mikeywith on March 14, 2019, 01:33:20 AM

I thought that everybody and their grandmother was already aware of the WPS vulnerability. Today I had a friend calling and asking why his internet connection had become so slow all of a sudden. I used TeamViewer to access his PC, checked his router and found that he had 2 unknown devices enjoying free internet.

Luckily no harm was done, seems like an amateur kid trying out his new Alfa kit.

So my naive friend left his router's WPS enabled, and exposed himself to every amateur hacker around him.

If you don't know what WPS is, google it. A short explanation: that button on your router that you click to allow devices to connect to your router without having to use your wireless password.

The WPS vulnerability is so bad that even a mobile phone can use it to hack into your network, and with a few easy-to-use tools they can f*** you up.


So make sure you go to your router settings, find where WPS is and disable it. Also note that some routers will still have WPS enabled even if it says disabled on the interface.

A simple way to know for sure is by actually trying to use it, or searching for "router model + wps" on Google to see if anybody has reported that WPS is still enabled even after disabling it. If that's the case, get rid of the router and buy another, more secure one.

stay safe.
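
One way to check from the outside whether your own router still advertises WPS after you have switched it off in the interface. This is an added example, not part of the original post; it parses the text output of `iw dev wlan0 scan` on Linux, and the interface name, SSIDs and sample scan below are constructed assumptions.

```python
import re

# Constructed sample in the layout printed by `iw dev wlan0 scan` (trimmed).
SAMPLE_SCAN = """\
BSS 02:00:00:aa:bb:01(on wlan0)
\tfreq: 2437
\tsignal: -48.00 dBm
\tSSID: HomeNet
\tRSN:\t * Version: 1
\t\t * Group cipher: CCMP
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
\t\t * Response Type: 3 (AP)
BSS 02:00:00:aa:bb:02(on wlan0)
\tfreq: 2412
\tSSID: Neighbour
\tRSN:\t * Version: 1
BSS 02:00:00:aa:bb:03(on wlan0) -- associated
\tfreq: 5180
\tSSID: Office
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
\t\t * AP setup locked: 0x01
"""

BSS_RE = re.compile(r"^BSS ([0-9a-f:]{17})", re.I)


def parse_scan(text):
    """Return one dict per BSS: bssid, ssid, wps (bool), locked (bool)."""
    networks, cur, in_wps = [], None, False
    for line in text.splitlines():
        m = BSS_RE.match(line)
        if m:
            cur = {"bssid": m.group(1).lower(), "ssid": "",
                   "wps": False, "locked": False}
            networks.append(cur)
            in_wps = False
            continue
        if cur is None:
            continue
        stripped = line.strip()
        # A top-level field is indented by one tab; deeper lines continue it.
        if line.startswith("\t") and not line.startswith("\t\t"):
            in_wps = stripped.startswith("WPS:")
            if in_wps:
                cur["wps"] = True   # beacon carries a WPS information element
            elif stripped.startswith("SSID:"):
                cur["ssid"] = stripped[5:].strip()
        if in_wps and "AP setup locked" in stripped:
            cur["locked"] = stripped.endswith("0x01")
    return networks


def wps_findings(text, my_ssids):
    """Report my own networks that still advertise WPS in their beacons."""
    return [n for n in parse_scan(text) if n["ssid"] in my_ssids and n["wps"]]


if __name__ == "__main__":
    for net in wps_findings(SAMPLE_SCAN, {"HomeNet", "Office"}):
        state = "locked for now" if net["locked"] else "accepting attempts"
        print(f'{net["ssid"]} ({net["bssid"]}): WPS advertised, {state}')
```

Run the scan after disabling WPS; if your SSID still shows up here, the setting did not take effect. "AP setup locked" only means the router is temporarily refusing PIN attempts, not that WPS is off.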


Title: Re: Save your crypto, Disable WPS!
Post by: Artemis3 on March 14, 2019, 02:19:59 AM
So my naive friend left his router's WPS enabled, and exposed himself to every amateur hacker around him.

If you don't know what WPS is, google it. A short explanation: that button on your router that you click to allow devices to connect to your router without having to use your wireless password.

The WPS vulnerability is so bad that even a mobile phone can use it to hack into your network, and with a few easy-to-use tools they can f*** you up.

Unfortunately many routers enable WPS by default, it's one of those things you should turn off immediately and never use.

Yes it was made for lazy people, who can't bother with setting up a decent password and inputting it. Well once again this shows laziness leads to losses.

I wish they would just kill WPS like they did to WEP. Now we shall see how long it takes for WPA3 (https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access#WPA3) to be adopted...


Title: Re: Save your crypto, Disable WPS!
Post by: simthdw on March 14, 2019, 03:07:21 AM
Your warning is right, WPS is not safe, but I don't see much connection between WPS and crypto. Even if someone connects to your wifi, your crypto is still safe, right? A hacker still needs to hack the cellphone to steal from a hot wallet.


Title: Re: Save your crypto, Disable WPS!
Post by: hacker1001101001 on March 14, 2019, 03:21:01 AM
Most of the routers come with an already enabled WPS vulnerability, and most of the common internet users do not bother about it much which further leads to loss of data.

It is pretty easy to crack a WiFi password using some WPS cracking tools which are easily available on Play Store.

WiFi WPA WPS TESTER: https://play.google.com/store/apps/details?id=com.tester.wpswpatester

WPS CONNECT: https://play.google.com/store/apps/details?id=com.ngb.wpsconnect

The above cracking applications are easily available and can crack any of the WPS enabled WiFi in range of the device. This makes most of the WPS security to the network useless. A small child playing with different apps on Play Store can use it to get some free internet.

There are also other WiFi security, which can be an alternative to this problem like WPA/WPA2 but still as my personal text says, anyone should always remember "NO SYSTEM IS SAFE".


Title: Re: Save your crypto, Disable WPS!
Post by: joniboini on March 14, 2019, 05:06:00 AM
Your warning is right, WPS is not safe, but I don't see much connection between WPS and crypto. Even if someone connects to your wifi, your crypto is still safe, right? A hacker still needs to hack the cellphone to steal from a hot wallet.

Your crypto becomes less safe, because the attacker can send malicious files to you or hijack your connection (though this is not an easy job either). They can also edit your network connectivity and they can add something like a malicious website that needs to be opened if you want to use your connectivity. So I guess people need to be reminded that exposing your connection is also dangerous, even if you don't lose any crypto, they can attack you in another way.


Title: Re: Save your crypto, Disable WPS!
Post by: Lucius on March 14, 2019, 10:28:15 AM
Your crypto becomes less safe, because the attacker can send malicious files to you or hijack your connection (though this is not an easy job either). They can also edit your network connectivity and they can add something like a malicious website that needs to be opened if you want to use your connectivity.

If a wireless network is hacked through WPS, the hacker only has access to the network, meaning he can use your internet for surfing. I think that in case of such a hack the only damage is possibly slow internet, and the fact that the hacker can do bad things using your IP address.

Users can have much bigger problems if their wireless network is hacked by cracking WEP/WPA-PSK/2 protection, and if they did not set a unique admin user name / password for router access. Then the hacker can log into the victim's router and change settings, even password / SSID. Luckily resetting the router to factory settings will solve such problems.

Back in 2017 researchers found and published that even WPA-PSK/2 protection is not safe, so be sure all your devices are updated (routers, PC, smart phones).

Key Reinstallation Attacks (https://www.krackattacks.com/)


Title: Re: Save your crypto, Disable WPS!
Post by: DdmrDdmr on March 14, 2019, 11:00:24 AM
It’s not only about people getting to use your WIFI for free, but also about the security of the files and information you’ve actually got on your personal network.

Not too long ago, I was checking my personal security, trying to hack my own password with some powerful software I got hold of that ran on Ubuntu. While trying out the software, I also managed to retrieve the WIFI password of four or five neighbouring networks. Now what was even worse was that three of them still had the default router username and password, so I got access to being able to control their routers and snoop around their phone logs. On one of the networks I managed to obtain access to a hard drive with tons of personal files.

Now that was really a one off thing for trial purposes, but it showed me that one has to be wary of WPS, the actual security protocol, router passwords (change default) and personal network security. Fortunately, I’m rather ethical, so besides learning how to do it, I was never inclined to doing any harm.

Edit: Back then I used Wifislax. There are probably better alternatives now, but that did the job at the time. Another interesting feature was to use it as a WIFI jammer: you could target a WIFI and basically overload it with petitions. You have to be pretty near though for this to work, but when I tried it, it caused the jammed wifi to reboot itself repeatedly if I recall correctly (no need to be actually logged on to the target network).


Title: Re: Save your crypto, Disable WPS!
Post by: rabbitfairferry on March 14, 2019, 11:09:14 AM
It’s not only about people getting to use your WIFI for free, but also about the security of the files and information you’ve actually got on your personal network.

Not too long ago, I was checking my personal security, trying to hack my own password with some powerful software I got hold of that ran on Ubuntu. While trying out the software, I also managed to retrieve the WIFI password of four or five neighbouring networks. Now what was even worse was that three of them still had the default router username and password, so I got access to being able to control their routers and snoop around their phone logs. On one of the networks I managed to obtain access to a hard drive with tons of personal files.

Now that was really a one off thing for trial purposes, but it showed me that one has to be wary of WPS, the actual security protocol, router passwords (change default) and personal network security. Fortunately, I’m rather ethical, so besides learning how to do it, I was never inclined to doing any harm.

Mind sharing what software you used? Would like to experiment with it too.


Title: Re: Save your crypto, Disable WPS!
Post by: leowonderful on March 14, 2019, 12:11:29 PM
I wonder why WPS is still being added into newer routers when it’s got so many vulnerabilities and the technology seems incredibly outdated. I’m definitely turning it off when I get home, but I had no idea WPS was so bad. Never even used the push-button for WPS on routers in the first place.


Title: Re: Save your crypto, Disable WPS!
Post by: The Cryptovator on March 14, 2019, 01:53:47 PM
Good suggestions, honestly I was not aware of WPS. Thanks for your post. However, hackers are actually faster than our thoughts. That's why we should hide our details as much as possible. For example, if someone found your email then he could try to hack your email details. Especially when using shared wifi we have to take care as much as possible. It's very easy to hack your details on shared wifi. Day by day technology becomes smarter and hackers also become smarter. So be careful.


Title: Re: Save your crypto, Disable WPS!
Post by: crwth on March 14, 2019, 02:13:24 PM
Isn't it the ones you press in your router, and it will quickly let others connect to your network or something? I appreciate you sharing this because I don't usually use that because I have to press it but knowing that there could be a possible threat to having that feature in a router. I have researched, and it has been at least 2012 when I saw an article talking about WPS Vulnerabilities, and some have like a list of keys for that. I will try to change the router settings now.



WPS Flaw Vulnerable Devices – List of Router Models and whether vulnerable to WPS attacks (https://uwnthesis.wordpress.com/2013/07/21/wps-flaw-vulnerable-devices/)
Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack (https://www.us-cert.gov/ncas/alerts/TA12-006A)


Title: Re: Save your crypto, Disable WPS!
Post by: BitBustah on March 14, 2019, 02:54:02 PM
One of the most simple ways to get hacked yet people fail to take the easiest prevention. Password is step number 1 to security. Fortunately most people don't have anything worth stealing on their computer since most don't own crypto and banks are very difficult to get access to if you're not the rightful owner.


Title: Re: Save your crypto, Disable WPS!
Post by: Harlot on March 14, 2019, 06:14:46 PM
So make sure you go to your router settings, find where WPS is and disable it. Also note that some routers will still have WPS enabled even if it says disabled on the interface.

Going through your WIFI router's interface is unnecessary as I think that most wifi routers now have light indicators to know whether you are using WPS or WLAN. It simply flashes the light on what network you are using, if the WPS's light is the one blinking then the quickest way to turn it off is by switching to WLAN which also has a button in your router.


Title: Re: Save your crypto, Disable WPS!
Post by: khaled0111 on March 14, 2019, 07:48:02 PM
If a wireless network is hacked through WPS, the hacker only has access to the network, meaning he can use your internet for surfing. I think that in case of such a hack the only damage is possibly slow internet, and the fact that the hacker can do bad things using your IP address.
...
Not true.
If a wireless network is hacked it will be much easier for the hacker to hack all devices on the local network.

Besides, if someone is too lazy to turn off WPS, there is a high chance he forgot to change the default password for his router too.


Title: Re: Save your crypto, Disable WPS!
Post by: mikeywith on March 14, 2019, 09:12:57 PM
If a wireless network is hacked through WPS, the hacker only has access to the network, meaning he can use your internet for surfing. I think that in case of such a hack the only damage is possibly slow internet, and the fact that the hacker can do bad things using your IP address.
...
Not true.
If a wireless network is hacked it will be much easier for the hacker to hack all devices on the local network.

Besides, if someone is too lazy to turn off WPS, there is a high chance he forgot to change the default password for his router.

I don't quite get the logic behind @Lucius's statement, it's like saying if a thief breaks into your house through the window, it's different from breaking in through the door in terms of what the thief can do AFTER they are already INSIDE your house!

Maybe he confused WPS with something else, because after all once somebody is within your LAN it does not matter HOW they got there.

It's also wrong to assume that the hacker needs access to your router's details. Being on the same subnet alone is a huge advantage, not even your wired devices are safe. There are many ways of stealing your data once a pro hacker is connected to your network. One of the old-school yet still effective attacks is called a man-in-the-middle attack: with a bit of skill and the right piece of software, the hacker will start to route every packet within your network.

An example of this: let's assume you are trying to access your online wallet. Packets have to travel approximately this route:

Your PC/Phone <> router <> your ISP <> wallet server's ISP <> wallet server's router <> wallet server

After a successful attack, here is how the route would be:

Your PC/Phone <> Hacker's PC <> router <> your ISP <> wallet server's ISP <> wallet server's router <> wallet server

He will be able to intercept every little piece of information. Of course encryption and other security measures will be in his way, but having access to all that traffic/packets is a huge advantage for the hacker.

Many people take this stuff for granted, using cheap routers with cheap security, no firewalls, public DNS, tons of open ports, and many other doors are kept open for hackers to make use of.
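
A way to notice the rerouting described in the post above from one of your own machines, plus the "unknown devices" situation from the opening post. This is an added example, not part of the original posts; it assumes the interception is done by ARP spoofing (the usual method on a home LAN), reads the text output of `ip neigh show` on Linux, and all addresses and MACs are constructed.

```python
from collections import defaultdict

# Constructed sample of `ip neigh show` output; addresses and MACs are made up.
# Here the gateway 192.168.1.1 resolves to the same MAC as host 192.168.1.23.
SAMPLE_NEIGH = """\
192.168.1.1 dev wlan0 lladdr 02:00:00:11:22:33 REACHABLE
192.168.1.10 dev wlan0 lladdr 02:00:00:aa:00:10 STALE
192.168.1.23 dev wlan0 lladdr 02:00:00:11:22:33 REACHABLE
192.168.1.40 dev wlan0 lladdr 02:00:00:aa:00:40 DELAY
192.168.1.77 dev wlan0  FAILED
"""


def parse_neigh(text):
    """Map IP -> MAC for entries that have a resolved link-layer address."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if "lladdr" in fields:
            table[fields[0]] = fields[fields.index("lladdr") + 1].lower()
    return table


def audit(text, gateway_ip, gateway_mac, known_macs):
    """Return (kind, ips, mac) findings for a neighbour-table snapshot.

    gateway_mac is the router's real MAC, written down beforehand (for
    example from the label on the device); known_macs is your own inventory.
    """
    table = parse_neigh(text)
    findings = []
    seen = table.get(gateway_ip)
    if seen and seen != gateway_mac.lower():
        # Traffic for the gateway is being sent to some other machine.
        findings.append(("gateway-mac-changed", gateway_ip, seen))
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    known = {m.lower() for m in known_macs} | {gateway_mac.lower()}
    for mac, ips in sorted(by_mac.items()):
        where = ",".join(sorted(ips))
        if len(ips) > 1:
            findings.append(("mac-shared", where, mac))      # one host, many IPs
        if mac not in known:
            findings.append(("unknown-device", where, mac))  # not in inventory
    return findings


if __name__ == "__main__":
    inventory = {"02:00:00:aa:00:10", "02:00:00:aa:00:40"}
    for kind, ips, mac in audit(SAMPLE_NEIGH, "192.168.1.1",
                                "02:00:00:99:99:01", inventory):
        print(f"{kind}: {ips} -> {mac}")
```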





Title: Re: Save your crypto, Disable WPS!
Post by: Artemis3 on March 15, 2019, 04:20:50 AM
It’s not only about people getting to use your WIFI for free, but also about the security of the files and information you’ve actually got on your personal network.

Not too long ago, I was checking my personal security, trying to hack my own password with some powerful software I got hold of that ran on Ubuntu. While trying out the software, I also managed to retrieve the WIFI password of four or five neighbouring networks. Now what was even worse was that three of them still had the default router username and password, so I got access to being able to control their routers and snoop around their phone logs. On one of the networks I managed to obtain access to a hard drive with tons of personal files.

Now that was really a one off thing for trial purposes, but it showed me that one has to be wary of WPS, the actual security protocol, router passwords (change default) and personal network security. Fortunately, I’m rather ethical, so besides learning how to do it, I was never inclined to doing any harm.

Edit: Back then I used Wifislax. There are probably better alternatives now, but that did the job at the time. Another interesting feature was to use it as a WIFI jammer: you could target a WIFI and basically overload it with petitions. You have to be pretty near though for this to work, but when I tried it, it caused the jammed wifi to reboot itself repeatedly if I recall correctly (no need to be actually logged on to the target network).

You are not supposed to do this without permission, even with good intentions, as this is the border from white into gray area...

Try running Wireshark or similar on your own LAN and see how much info you are leaking. Someone entering your LAN via WIFI might be getting more info than you think. As for tools, the usual aircrack-ng and friends available for most distros (or all if you bother compiling). You can download a live iso for security testing (https://distrowatch.com/search.php?category=Security) such as the Debian based Kali or Ubuntu based Backbox among many which already come with the most popular tools included.

Of course you can make your wifi secure in many other creative ways, but that would be way beyond the topic of this thread.



If a wireless network is hacked through WPS, the hacker only has access to the network, meaning he can use your internet for surfing. I think that in case of such a hack the only damage is possibly slow internet, and the fact that the hacker can do bad things using your IP address.
...
Not true.
If a wireless network is hacked it will be much easier for the hacker to hack all devices on the local network.

Besides, if someone is too lazy to turn off WPS, there is a high chance he forgot to change the default password for his router too.

You should indeed neglect neither. Disable WPS, set WPA2+ and set a decent admin password and a DIFFERENT decent wifi password. Disturbingly many ASIC miner owners tend to neglect changing default passwords as well... Braiins OS is nice to nag you about it, but Bitmain and others don't care...


Title: Re: Save your crypto, Disable WPS!
Post by: ioanbtc on March 16, 2019, 11:34:34 PM
If I have WPS enabled, and if I store/hold coins on a Ledger Nano, am I safe if I send coins from the Ledger when I'm connected to the Wi-Fi router?

And if I have some coins on a PC, password encrypted, can they steal the coins?


Title: Re: Save your crypto, Disable WPS!
Post by: Artemis3 on March 16, 2019, 11:57:22 PM
If I have WPS enabled, and if I store/hold coins on a Ledger Nano, am I safe if I send coins from the Ledger when I'm connected to the Wi-Fi router?

And if I have some coins on a PC, password encrypted, can they steal the coins?

Depends. If they enter your wifi, it will be easier to enter your PC, if they enter your PC, they might install a keylogger and wait for you to type the password (or the seed words). This is why you shouldn't let strangers on your network.


Title: Re: Save your crypto, Disable WPS!
Post by: mikeywith on March 18, 2019, 03:41:54 PM
If I have WPS enabled, and if I store/hold coins on a Ledger Nano, am I safe if I send coins from the Ledger when I'm connected to the Wi-Fi router?

And if I have some coins on a PC, password encrypted, can they steal the coins?

There is no Yes/No answer to such a question.

If you give your house keys to a stranger, will they steal the golden necklace you hide under the sofa?

While there is no guarantee that he would do so, chances increase drastically the moment he passes your main door going in.

The same things apply here: when the hacker has access to your network, it does not mean that he would be able to hack into EVERYTHING, but simply his chances increase by a good factor and things become easier to do.



Title: Re: Save your crypto, Disable WPS!
Post by: Kopyleft on March 18, 2019, 03:57:14 PM
Device manufacturers need to pay more attention to security. Before the current digital wave, where people store assets on mobile devices and PC, phones were not primarily used to store important information, and much attention was not placed on security, passwords and unauthorized access.
Good post, I would look up WPS, and how it works.


Title: Re: Save your crypto, Disable WPS!
Post by: mikeywith on March 18, 2019, 04:19:19 PM
Device manufacturers need to pay more attention to security.

They do, people don't.

Most new routers have WPS disabled by default, even some old routers have new firmware versions that would disable WPS, but I know that most people never bother about flashing a new router firmware! And they tend to buy old models because they are cheaper and do just about the same things that new and more expensive routers do, which makes sense to be honest ;D.


Title: Re: Save your crypto, Disable WPS!
Post by: Artemis3 on March 19, 2019, 01:45:18 AM
Device manufacturers need to pay more attention to security. Before the current digital wave, where people store assets on mobile devices and PC, phones were not primarily used to store important information, and much attention was not placed on security, passwords and unauthorized access.
Good post, I would look up WPS, and how it works.

Well this is more about wifi than smartphones, and you can have wifi without any smartphones around.

When WPA came around they were tightening security, but then they tried to cave for the people who are "too lazy to remember a password", perhaps the typical engineer vs marketing/boss situation.

WPS is a serious security flaw and should never be used under any circumstance, same as WEP.


Title: Re: Save your crypto, Disable WPS!
Post by: mikeywith on March 26, 2019, 10:09:12 PM
WPS is a serious security flaw and should never be used under any circumstance, same as WEP.

Same as using common easy passwords that exist in every password dictionary out there.

People should google <password dictionary.txt> and check at least the top 10 files, see if their password is there or not. Brute force is very efficient when you use easy-to-guess passwords.