Dubbed Broadpwn, the vulnerability was revealed in detail for the first time on Thursday at the Black Hat information security conference in Las Vegas. It works by taking advantage of a number of specific flaws in wifi chips made by the component company Broadcom, ultimately allowing an attacker to write programs directly on to the chip, seizing control of it. “When I started working in this field, we had worms,” said Atenstein: “self-propagating malware which could be run across the network. A pretty good location to make the first wifi worm and the first network worm in a few years.”A well-executed wifi worm would spread almost like a real virus, requiring two vulnerable devices to simply be near each other to jump from one to another. But even before the vulnerability was fixed in software updates from Apple and Google, the Broadpwn bug still had limitations: chiefly, it couldn’t make the leap from the wifi chip’s firmware to the actual device.

Source: The Guardian July 27, 2017 22:18 UTC