Millions of Android phones put at risk by mobile Wi-Fi security flaw


A new exploit has been discovered in the Wi-Fi standard that allows attackers to intercept and read the communications between mobile devices and wireless access points as well as modify them to inject malware into websites. 

So far it seems that devices running Android and Linux are the most affected by this exploit with 41 per cent of all Android phones susceptible to an attack.  However, since the exploit is based on the Wi-Fi standard itself, any device running Windows, Android, macOS, iOS and Linux can fall victim to this new attack method. 

There is a catch though and to be vulnerable, devices need to be within physical range of an attacker.  Once the exploit is used, an attacker can read a wide variety of information between a device and the network it is connected to such as emails, messages, passwords and credit card numbers. 

Devices running Android 6.0 or later versions of Google's mobile OS contain a vulnerability that make them especially vulnerable to a variant of the Wi-Fi attack that can be used to inject ransomware or malware into websites.  However, Google is aware of the issue will be issuing a security patch for the affected devices in the coming weeks. 

Due to the nature of this attack, simply changing your Wi-Fi password will not help prevent attacks.  The researchers that discovered the exploit do recommend updating all of your devices to the latest security patch as well as updating the firmware on your router if possible. 

Image Credit: Chris Oakley / Flickr