Remember the KRACK vulnerabilities?
The vulnerabilities were uncovered in 2017, when a team of experts engineered a dangerous exploit called the KRACK attack, which makes it possible for malicious users to eavesdrop on Wi-Fi traffic between computers and other network devices such as routers and access points.
Amazon Echo and Kindle Vulnerable to KRACK Vulnerabilities
It turns out that Amazon Echo has been open to the KRACK vulnerabilities. At least one generation of the widely used Amazon Kindle e-readers was also affected, according to security researchers at ESET.
Even two years after the vulnerabilities were disclosed, many Wi-Fi enabled devices are still vulnerable, including multiple Amazon devices such as the widely adopted Amazon Echo and Amazon Kindle. The enormous user base of these devices created a great security threat.
To reach these conclusions, the researchers tested the first generation of Amazon Echo, which is the original hardware of Amazon Alexa, and the 8th generation of Amazon Kindle. The tests were designed to determine the devices’ resilience against the various KRACK attacks by using Vanhoef’s scripts.
The results revealed that the first generation of Echo as well as the 8th generation of Kindle devices were vulnerable to the KRACK flaws.
Using Vanhoef’s scripts, the researchers “were able to replicate the reinstallation of the pairwise encryption key (PTK-TK) in the four-way handshake (CVE-2017-13077) and reinstallation of the group key (GTK) in the four-way handshake (CVE-2017-13078)”.
Fortunately, the security team got in touch with Amazon shortly after their discovery, in October 2018. Amazon quickly acknowledged the issues by replicating them and prepared patches, which will be distributed to users in the upcoming weeks.
More specifically, to address the CVE-2017-13077 and CVE-2017-13078 vulnerabilities in several million first-generation Echo and 8th-generation Amazon Kindle devices, Amazon issued and distributed a new version of wpa_supplicant, the software application on the client device responsible for correct authentication to the Wi-Fi network.
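Why a client-side update is enough to close key reinstallation, as an added example: this is a simplified model written for this article, not Amazon's or wpa_supplicant's code, and the struct, function names and sample key are assumptions. Reinstalling the pairwise key resets the packet number used as the encryption nonce; the patched path ignores a repeated message 3 that carries the key already in use.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of a client's pairwise-key state; all names are hypothetical. */
struct supplicant {
    uint8_t  tk[16];       /* temporal key currently installed */
    bool     tk_installed;
    uint64_t tx_pn;        /* per-key packet number, used as the encryption nonce */
    bool     patched;      /* true: refuse to reinstall a key already in use */
};

/* Called when message 3 of the four-way handshake is accepted.
 * Returns true if the key, and with it the packet number, was (re)installed. */
bool handle_msg3(struct supplicant *s, const uint8_t tk[16])
{
    bool same_key = s->tk_installed && memcmp(s->tk, tk, 16) == 0;
    if (s->patched && same_key)
        return false;      /* retransmitted message 3: keep key and counter */
    memcpy(s->tk, tk, 16);
    s->tk_installed = true;
    s->tx_pn = 0;          /* installing a key resets the packet number */
    return true;
}

/* Encrypting a frame consumes the next packet number; returns the nonce used. */
uint64_t send_frame(struct supplicant *s) { return ++s->tx_pn; }

/* Sequence: message 3, two frames, the same message 3 again, one more frame.
 * Returns true if the last frame reused a nonce already spent under this key. */
bool nonce_reused_after_retransmit(bool patched)
{
    static const uint8_t tk[16] = { 0xA5 };  /* constructed sample key */
    struct supplicant s = { .patched = patched };
    handle_msg3(&s, tk);
    uint64_t n1 = send_frame(&s), n2 = send_frame(&s);
    handle_msg3(&s, tk);
    uint64_t n3 = send_frame(&s);
    return n3 == n1 || n3 == n2;
}

int main(void)
{
    printf("unpatched: nonce reused = %d\n", nonce_reused_after_retransmit(false));
    printf("patched:   nonce reused = %d\n", nonce_reused_after_retransmit(true));
    return 0;
}
```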
It is noteworthy that in August 2017, security researchers from MWR Labs were able to demonstrate proof-of-concept code against Amazon Echo devices. The team was able to showcase how potential Amazon Echo malware could be used to spy on users and carry out other related malicious actions. This was possible due to an insecure hardware implementation — access was possible through exposed debug pads, and the device allowed booting from external storage devices.