A new security threat named ‘WiKI-Eve’ has surfaced, posing a significant risk to WiFi-connected smartphones. This attack method exploits the Beamforming Feedback Information (BFI) feature introduced with WiFi 5, allowing attackers to intercept cleartext transmissions and decipher numeric keystrokes with up to 90% accuracy.
The security gap was discovered by researchers in China and Singapore, who found it relatively easy to identify numeric keystrokes, even for complex app passwords. Although this attack targets numerical passwords, it emphasizes the need for enhanced security measures in WiFi access points and smartphone apps.
The WiKI-Eve attack operates in real time, intercepting WiFi signals during password entry, and requires the attacker to identify the target using network indicators. The victim’s BFI time series during password entry is captured using traffic monitoring tools, with each key press causing distinct WiFi signals.
The researchers employed machine learning techniques, including a “1-D Convolutional Neural Network” and a “Gradient Reversal Layer,” to consistently recognize keystrokes across different domains.
The results of the experiments indicate that WiKI-Eve’s keystroke classification accuracy remains high, with an 85% success rate in deciphering six-digit numerical passwords in under a hundred attempts. However, the attacker’s distance from the access point affects the success rate.
Furthermore, the attack was tested on WeChat Pay passwords, where WiKI-Eve deduced passwords with a 65.8% success rate. This research underscores the need for increased security measures in WiFi infrastructure and smartphone apps to protect against such attacks, including encryption, signal obfuscation, and more.