Feeling safe an cozy with your Wi-Fis WPA2 encryption on a HTTPS web site.... Not so fast.

The researchers at Krack Attacks have found a way to insert a man in the middle attack giving a bad guy the ability to see all your info, log it, then use it later.

"We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites."

Here's how it's done:



The problem is not the device, but the actual WPA2 itself. Given that majority of all Wi-Fi networks right now are WPA2 - this is an issue. You should find out your wireless routers manufacturer and look for patches as soon as they become available.