Security researchers at the University of Liverpool have warned of the potential for computer viruses to spread over WiFi networks with the same effectiveness as the common cold.
The team in the University’s School of Electrical Engineering, Electronics and Computer Science developed a virus called Chameleon, which is able to move across WiFi networks and avoid detection with ease.
"This attack replaces the firmware of an existing AP [access point] and masquerades the outward-facing credentials. Thus, all visible and physical attributes are copied and there is no significant change in traffic volume or location information," it said.
"Hence, this attack is considered advanced and difficult to detect, as IDS [intrusion detection system] rogue AP detection methods typically rely on a change in credentials, location or traffic levels."
The researchers then ran tests on a simulation of the WiFi networks in London and Belfast and found that Chameleon acted like an airborne virus, as the close proximity of WiFi APs made it easy for the virus to spread.
The virus also easily adapted to its surroundings. If it encountered an AP with good security encryption and passwords, it would move onto another AP that was not sufficiently protected and continue to spread.
Alan Marshall, professor of network security at the university, said the study underlined the risks posed by public WiFi.
“WiFi connections are increasingly a target for computer hackers because of well-documented security vulnerabilities, which make it difficult to detect and defend against a virus,” he said.
“It was assumed, however, that it wasn’t possible to develop a virus that could attack WiFi networks, but we demonstrated that this is possible and that it can spread quickly. We are now able to use the data generated from this study to develop a new technique to identify when an attack is likely.”
The full research paper entitled Detection and analysis of the Chameleon WiFi access point virus is available online.
The research is worrying as public WiFi networks are being rolled out across major cities such as London all the time. The London Underground now has more than 130 stations hooked up while numerous boroughs are offering free services to residents.
Success of AMD's Ryzen microprocessor line finally wakes up Intel
British Airways CEO Alex Cruz suggests power surge and the failure of back-ups caused weekend of airline chaos
Mark Zuckerberg mercilessly trolled by Harvard student newspaper after return to university he dropped out of 12 years ago
'Unauthorised user' blamed by Harvard for insulting Mark Zoinkerberg
Android under attack from 'Judy', Google Play Store malware that has infected up to 36.5 million users
Yet more Android malware discovered on the Google Play Store