Sometimes, it feels like every new day brings with it another cyber threat to worry about. While cybercrime syndicates certainly are growing more organised and sophisticated by the day, there’s no need to stress yourself out with fears about the security of your business. The most beneficial course of action is to educate yourself on the latest threats, and if you have any concerns about their ability to impact your business, discuss them with your managed service provider or IT support team.
To get you started, let’s take a tour through the world of fluxion hacking, including who’s doing it, what’s at risk, and what you can do to protect yourself and your passwords.
What Is A Fluxion Attack?
Fluxion advertises itself as “the #1 wifi cracker.” It is a password hacking program that combines social engineering (via phishing) and technology to trick users into giving up their log-in details. The script has been designed to retrieve WPA/WPA2 keys from target access points, and while it is predominantly a manual process for the hacker, it does allow for automation of some of the setup parameters.
Perhaps the scariest element of Fluxion is that it takes the work out of password cracking by employing a range of processes to quickly and easily convince users that it’s both safe and necessary to provide their wifi password. Think of it as the greasy fast-food of the hacking world – terrible for you but cheap, quick, and easy for the hackers.
Who Are Hackers Targeting With Fluxion Attacks?
If you ever find a hacker in a talkative mood, they’ll tell you that nine times out of ten, the weakest link in any system is its users. This is precisely why programs like Fluxion have been designed to facilitate social engineering attacks. It doesn’t hurt that this attack vector is generally as cheap as it is effective.
Small and medium-sized businesses are prime targets for password hacking attacks, particularly those that aren’t centred on the technology industry. It’s common for small and medium-sized businesses to have unpatched systems and other vulnerabilities, including many users who are still using their default credentials. Businesses that don’t have the protection and support of a managed service provider tend to be relatively easy to exploit over their wireless network. In many cases, they don’t even know what a password hacking attack looks like, let alone how to fortify themselves against one.
How Does A Fluxion Attack Work Exactly?
Fluxion is an EvilAP attack tool that jams the original network via which login details are usually submitted, creating an “evil twin” – a clone that looks for all the world like a real login page. The user is generally prompted with a notification that firmware needs to load or the router needs to restart, and they are invited to input their password to proceed. Fluxion makes use of a captured handshake to check and confirm the password entered. The program will continue jamming the target access point until the correct password has been provided.
With Fluxion, hackers may be able to:
- Enact a WPA handshake exploit;
- Imitate original access points;
- Initiate network scans (hunting for clients, services, ports, and other exploitable information);
- De-authentication users;
- Capture and redirect DNS requests (e.g. an attacker could install a fake DNS entry that redirects users from their online banking service to a phishing page);
- Hijack password verification processes;
- Install a backdoor in your router’s firmware (giving the hacker easy access to your network whenever they want it).
How Can You Protect Yourself From Wifi Phishing And Password Hacking?
The problem with social engineering attacks, like those enacted via Fluxion, is that they target the one thing you can’t install protective software on – humans. As such, one of the best protective measures you can initiate is to educate yourself and offer training to anyone who regularly accesses your network.
In terms of your router itself, it may be time to upgrade if yours is not WPA3 or at least WPA2 enabled. These feature the second and third iterations of the WPA (wifi protected access) security protocol, and they come with AES encryption designed to protect your network from uninvited access.
You should also check to ensure that you don’t have remote administration activated. Deactivating this feature ensures settings can only be accessed from a computer physically connected to the router via a cable. Unless you’re a developer, it’s unlikely that you’ll need to access your router’s admin settings from the other side of the planet. So, deactivating remote admin should cause no inconvenience to anyone other than a hacker trying to access your network.
Though Invotec aims to be the best managed services provider in Australia, it’s also our intent to provide valuable, free information on all things tech-related. Keep an eye on the Invotec blog to ensure you’re up-to-date with the latest important news in the world of IT.