Skip to main content

Search

Roqos Support Center

Are Roqos Core routers patched against KRACK WiFi vulnerability?

  • Updated

A new vulnerability in WiFi connection reported on 10/16/2017. Roqos engineers took a quick action and came up with a patch which got automatically applied the next day to all Roqos Core routers.

In KU Leuven University in Belgium a researcher Mathy Vanhoef released information on a WiFi vulnerability, calling it KRACK, for Key Reinstallation Attack. In his words: "This vulnerability can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites." Here is the link for the technical video describing the vulnerability from him. 

Every WiFi device including your Roqos Core has this vulnerability, as they all use Wi-Fi Protected Access 2 (WPA2) protocol which is for keeping WiFi data encrypted and hidden from possible attackers. When this vulnerability is exploited, bad guys can see your web traffic to/from insecure sites. Roqos engineers recommend three-step action plan:

1. Update Your Router
If you have Roqos Core, you are covered. Our engineers worked hard and patched the vulnerability. You don't have to do anything, as your Roqos Core will be updated automatically tonight while you're sleeping. If you don't have Roqos Core, find the new firmware for your router and upload it by following the instructions mentioned in your router's user guide.

2. Update Your WiFi Devices
The ultimate goal of this vulnerability is to be the man-in-the-middle between your WiFi devices and the sites you visit. For that, consult your devices technical support to update operating systems or security software on them. Till then you might want to switch to cell phone network or wired Ethernet connection instead of using WiFi, if possible.

3. Use Virtual Private Network (VPN)
Using VPN connection from your devices encrypts your data between them and the VPN servers on the internet. Especially in public WiFi networks such as coffee shops, hotels, airports, etc. it is always a good idea to use VPN.

If you have Roqos Core, you can use the VPN IN feature to connect your phones and laptops to your Roqos Core while you are outside home. This will be the most trusted VPN service or VPN connection as the VPN server is actually your Roqos Core router in your home.

Roqos VPN app is currently available for Android and IOS devices. Roqos VPN apps Windows and MAC laptops are coming soon, till then please follow the instructions here. If you have any questions or suggestion please do not hesitate to contact us.