While Wi-Fi security has come a long way in recent years, vulnerabilities still exist in the process of data transfer, exposing us to potential hacks and malware. New threats are continuously being discovered and have existed for well over two decades. As a result, IT companies have begun to develop patches for products that are often targets of “frag attacks”.

What Are Frag Attacks

Fragmentation and aggregation attacks (FRAG) intercept data passed through unsecured networks and imitate servers. They perform harmful functions within your network, under the guise that everything is in working order. Computer support companies have seen a dramatic rise in these attacks due to the design flaws within Wi-Fi and programming errors.

IT consultants have also discovered that frag attacks can even occur when using a Wi-Fi secured network with WPA2/WPA3 encryption. The result in which leads the victim to a copy of the website they wish to access, with a cybercriminal on the other end recording their keystrokes and potentially important information. Additionally, hackers can insert malware into the victim’s network that takes screenshots or executes functions/programs.

Vulnerable Routers and Access Points 

Older devices are more vulnerable to frag attacks because manufacturers typically stop issuing the most current security patches to them. However, even new devices that don’t contain these updated patches are almost equally as vulnerable. Be sure to check your devices to make sure all routers and equipment are up to date with security protocols and firmware. Businesses that have an IT consultant department will likely already have this looked after.

If you’re on a personal device, have a computer support technician check the following 12 vulnerability codes to ensure you’re protected:

  • Wi-Fi Standard Design Flaws: CVE-2020-24588, CVE-2020-2458, CVE-2020-24586
  • Wi-Fi Standard Implementation Flaws: CVE-2020-26145, CVE-2020-26144, CVE-2020-26140, CVE-2020-26143
  • Other Implementation Flaws: CVE-2020-26139, CVE-2020-26146, CVE-2020-26147, CVE-2020-26142, CVE-2020-26141

Cybercriminals are active 24 hours a day trying to find vulnerabilities in networks, to steal your data and finances. Make sure you’re up to date with modern security features to prevent this from happening. Also, refrain from using weak passwords in any of your accounts, and avoid any website that does not use HTTPS.


Read our updated blog here