University of Liverpool scientists have discovered they can produce a Wi-Fi virus that can move through dense wireless (unprotected) networks and infect multiple systems. The team designed a virus called Chameleon and found that it was able to spread rapidly from one network to another. The virus was also able to identify weak networks, those without encryption or passwords. The scientists found that Chameleon had human airborne virus qualities in its ability to infect one wireless network after another, much like the flu bug in humans. The closer the networks are to each the other the more likely the virus will spread through them.
Alan Marshall, Professor of Network Security at the University, said: “When “Chameleon” attacked an AP it didn’t affect how it worked, but was able to collect and report the credentials of all other WiFi users who connected to it. The virus then sought out other WiFi APs that it could connect to and infect.”
“Chameleon” was able to avoid detection as current virus detection systems look for viruses that are present on the Internet or computers, but Chameleon is only ever present in the WiFi network. Whilst many APs are sufficiently encrypted and password protected, the virus simply moved on to find those which weren’t strongly protected including open access WiFi points common in locations such as coffee shops and airports.
Professor Marshall continued said: “WiFi connections are increasingly a target for computer hackers because of well-documented security vulnerabilities, which make it difficult to detect and defend against a virus.
“It was assumed, however, that it wasn’t possible to develop a virus that could attack WiFi networks but we demonstrated that this is possible and that it can spread quickly. We are now able to use the data generated from this study to develop a new technique to identify when an attack is likely.”