'Chameleon' - the computer virus that spreads through wi-fi

The lab virus infects wi-fi networks, not actual computers, and in a test sponged all user info from people who connected to a network. (AP)

The lab virus infects wi-fi networks, not actual computers, and in a test sponged all user info from people who connected to a network. (AP)

It is the stuff of cyber nightmares: an undetectable virus that moves through the airwaves. But researchers at the University of Liverpool have made it a reality. They have shown, for the first time, that wi-fi networks can be infected via their access points, rather than computers – living not in the internet, but in the wi-fi space.

In densely populated areas where wi-fi hotspots were prevalent, the "Chameleon" virus – which was designed by researchers at the university's school of computer science and electrical engineering and electronics – could spread as quickly as the common cold.

They proved this by simulating – in a laboratory environment – attacks on London and Belfast. Densely populated areas had more access points in close proximity, and so the virus spread more quickly. Their research was published in the European Association for Signal Processing's Journal on Information Security.

"When 'Chameleon' attacked an access point, it didn't affect how it worked, but was able to collect and report the credentials of all other wi-fi users who connected to it," said Alan Marshall, professor of network security at the university. "The virus then sought out other wi-fi access points that it could connect to and infect."

Professor Basie von Solms, director of the Centre for Cyber Security at the University of Johannesburg, said that what makes "Chameleon" novel is that it "lives" in the wi-fi cyberspace, and attacks via access points. "They have proved now, in a controlled environment, that such a virus can spread very quickly via wi-fi, which was not so clear before.

"Also, because it 'lives' in the 'wi-fi cyber space', it is not detected because it never really infects a computer directly."

Open access
"While many access points are sufficiently encrypted and password protected, the virus simply moved on to find those which weren't strongly protected, including open access wi-fi points common in locations such as coffee shops and airports," the University of Liverpool said.

Current virus detection programmes look for viruses present on computers or the internet, not on the wi-fi network itself.

However, Von Solms said it remains theoretical because "if such a virus is used for malicious purposes … it will have some kind of payload which will infect computers and other devices, because that is where the desired data and information reside".

Von Solms said this research showed that cyberspace is constantly evolving and urged caution for all users.

 
Sarah Wild

Sarah Wild

Sarah Wild is a multiaward-winning science journalist. She studied physics, electronics and English literature at Rhodes University in an effort to make herself unemployable. It didn't work and she now writes about particle physics, cosmology and everything in between.In 2012, she published her first full-length non-fiction book Searching African Skies: The Square Kilometre Array and South Africa's Quest to Hear the Songs of the Stars, and in 2013 she was named the best science journalist in Africa by Siemens in their 2013 Pan-African Profiles Awards. Read more from Sarah Wild

Comments

blog comments powered by Disqus

Client Media Releases

Shops about to get smarter
Why Imperial was there
What or WHO is your most valuable asset?
Putting the pieces in the jigsaw puzzle
Brainstorm's 2016 CIO Directory