Skip to content
Support Us

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

John Dakers/Eye Ubiquitous/PA Images

Researchers create simulation virus that spreads via WiFi

The virus, named Chameleon, searches for weaknesses within WiFi networks and infects them before automatically seeking other vulnerable access points.

A computer virus that can be spread via WiFi has been developed by researchers in the University of Liverpool.

According to the BBC, the virus searches for WiFi access points – which transmits the WiFi signal and can be found in many homes – which hadn’t their admin password changed.

This admin password is different from the one used to log on to the network itself, and is usually left unchanged from the default setting.

Once an access point is under the virus’ control, any devices connected up to are left vulnerable as a hacker can install firmware and steal data from it.

As soon as the virus, named Chameleon, was installed on one access point, it would automatically seek out other vulnerable access points, and take them over when they’re found.

Homes and small premises like coffee shops that use WiFi would be at most risk as they usually don’t have stringent protection measures in place.

The team’s lead researcher, Professor Alan Marshall, told the BBC it was working on software that could be installed in WiFi access points to prevent such attacks from happening.

The team didn’t reveal the details about the method used in case it would be used on real victims, but said a proof-of-concept attack had been developed at the university.

Read: Mastercard uses phone location tech to help prevent credit card fraud >

Read: Hackers steal more than 16 million email account details in Germany >

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Close
14 Comments
    Install the app to use these features.
    Mute Jeremy Usbourne
    Favourite Jeremy Usbourne
    Report
    Feb 27th 2014, 3:01 PM

    “University creates something already done thousands of times before”.

    Triffic.

    52
    Install the app to use these features.
    Mute John O'Neill
    Favourite John O'Neill
    Report
    Feb 27th 2014, 4:20 PM

    Should I get a jab for this?

    14
    Install the app to use these features.
    Mute Jeremy Usbourne
    Favourite Jeremy Usbourne
    Report
    Feb 27th 2014, 9:55 PM

    Yes!

    1
    Install the app to use these features.
    Mute Shakka1244
    Favourite Shakka1244
    Report
    Feb 27th 2014, 4:11 PM

    What if it escapes the lab?

    45
    Install the app to use these features.
    Mute Kevin J
    Favourite Kevin J
    Report
    Feb 27th 2014, 4:23 PM

    Indeed the researchers could sell it to underground hacker’s

    6
    Install the app to use these features.
    Mute Chief
    Favourite Chief
    Report
    Feb 27th 2014, 7:11 PM

    For people who have never changed their eircom router password it’s “broadband1″
    To change it type 192.168.1.254 into to your browser and hit enter.

    and if you’re using a vodafone router its “vodafone”
    To change it type 192.168.1.1 into your browser and hit enter

    This will only work if the router default settings have never been changed

    I’ll be back tomorrow to show you how to peel a banana standing 10 feet away with a size 10 knitting needle blindfolded

    17
    Install the app to use these features.
    Mute Nagger
    Favourite Nagger
    Report
    Feb 27th 2014, 9:39 PM

    Won’t make any difference is wps is enabled.

    1
    Install the app to use these features.
    Mute Chief
    Favourite Chief
    Report
    Feb 27th 2014, 10:40 PM

    Are you sure? would a button not have to be pressed on the router or the virus to access the router trying the default password which we have now changed?

    2
    See 2 more replies ▾
    Install the app to use these features.
    Mute Roy Whelan
    Favourite Roy Whelan
    Report
    Feb 27th 2014, 11:13 PM

    Wps isn’t secure and should be turned off. In addition to the Wps button it also allows for an 8 digit pin. In reality a hacker only needs the first 4 digits to gain access.
    http://www.pcpro.co.uk/realworld/374104/why-you-shouldnt-use-wps-on-your-wi-fi-network

    1
    Install the app to use these features.
    Mute Nagger
    Favourite Nagger
    Report
    Feb 28th 2014, 6:59 AM

    No. Many come with it set as default, can be cracked using reaver in 4 – 8 hours regardless of password. Manufacturers know about it but play it down as it affects a huge number of routers and can’t be fixed with firmware update. It’s a button on router called ‘WPS’ which is designed to enable easy setup of security ‘Wifi Protected Setup’

    2
    Install the app to use these features.
    Mute Zozzy Zozimus
    Favourite Zozzy Zozimus
    Report
    Feb 27th 2014, 4:39 PM

    One man’s hacker is another man’s researcher.

    14
    Install the app to use these features.
    Mute Jeremy Rammer
    Favourite Jeremy Rammer
    Report
    Feb 27th 2014, 3:07 PM

    Ha God help EIrcon

    8
    Install the app to use these features.
    Mute Nagger
    Favourite Nagger
    Report
    Feb 27th 2014, 6:58 PM

    Apart from changing default password, turn of WPS. If WPS is enabled , and it is on many wireless routers by default, the pin can be retrieved in 4 – 8 hours. Majority of my neighbours UPC networks are vulnerable…by default.

    1
    Install the app to use these features.
    Mute David Lynch
    Favourite David Lynch
    Report
    Feb 27th 2014, 10:10 PM

    Don’t you need to press the eps button tho??

    1
Submit a report
Please help us understand how this comment violates our community guidelines.
Thank you for the feedback
Your feedback has been sent to our team for review.
JournalTv
News in 60 seconds