Monday, May 5, 2025
HomeComputer SecurityDragonBlood - New Vulnerability in WPA3 Protocol Let Hackers Steal WiFi Password

DragonBlood – New Vulnerability in WPA3 Protocol Let Hackers Steal WiFi Password

Published on

SIEM as a Service

Follow Us on Google News

Security researchers discovered a new vulnerability in WPA3 Protocol named “Dragonblood” which allows hackers to steal the WiFi Password from WP3 enabled WiFi Network.

This serious vulnerability in WPA3 protocol lets cybercriminals crack the password and access the encrypted traffic to steal sensitive data transmitted such as credit card numbers, passwords, chat messages, and emails.

WPA3 protocol was recently announced by Wi-Fi Alliance and claims that it is impossible to crack the password of a network due to the powerful Dragonfly handshake but now it’s proven wrong due to this new Dragonblood vulnerability.

- Advertisement - Google News

Most of the WiFi networks still use the 14-year-old WP2 protocol which is actually vulnerable to Krack Attacks Since then WPA3-Announced to Improve Security for personal and enterprise Wi-Fi networks.

Design Flaw in WPA3 Dragonblood Vulnerability

In this case, Researchers uncovered 2 different design flaws in WPA3 Protocol, and both vulnerabilities can be abused by the attacker to steal the password in the targetted Wi-Fi network.

1. Downgrade attacks
2. Side-channels leaks

The first flaw is the Downgrade attack on WP3 is due to a transition mode that is implemented in WPA3 by WiFi Alliance allows a network can simultaneously support both WPA2 and WPA3.

Since the WP3-enabled WiFi Network supports both WP2 and WPA3, setting up a rogue Access point that only supports WPA2 lets an attacker connect using WPA2’s 4-way handshake to perform offline Dictionary Attack.

Researchers said, “Although the client detects the downgrade-to-WPA2 during the 4-way handshake, this is too late. The 4-way handshake messages that were exchanged before the downgrade was detected, provide enough information to launch an offline dictionary attack.”

WPA3

The second flaw, Side-channels leaks allows attackers to perform a Cache-based side-channel attack and Time-Based Side-channel Attack due to the vulnerabilities in the Dragonfly handshake.

Cache-Based Side-Channel Attack CVE-2019-9494. let attackers run unprivileged code on the victim machine and this attack allows us to determine which branch was taken in the first iteration of the password generation algorithm of Dragonfly.

“This information can be abused to perform a password partitioning attack (this is similar to an offline dictionary attack). “

Similarly, the time-based side channel Attack CVE-2019-9494 abuses the password encoding algorithm of Dragonfly handshake to perform the same password partitioning attack, which is similar to an offline dictionary attack.

In this case, Two researchers, Mathy Vanhoef (NYUAD) and Eyal Ronen (Tel Aviv University & KU Leuven)  who discovered this vulnerability made scripts to test for certain Dragonblood vulnerabilities discovered in WPA3 Protocol:

  • Dragonslayer: implements attacks against EAP-pwd (to be released shortly).
  • Dragondrain: this tool can be used to test to which extent an Access Point is vulnerable to denial-of-service attacks against WPA3’s SAE handshake.
  • Dragontime: this is an experimental tool to perform timing attacks against the SAE handshake if MODP group 22, 23, or 24 is used. Note that most WPA3 implementations by default do not enable these groups.
  • Dragonforce: this is an experimental tool that takes the information recovered from our timing or cache-based attacks, and performs a password partitioning attack. This is similar to a dictionary attack.

WiFi Alliance Patched Both Vulnerabilities

Both Vulnerabilities are currently patched and released an update by WiFi Alliance, a non-profit organization that promotes Wi-Fi technology and certifies Wi-Fi products for conformity to certain standards of interoperability.

According to WiFi Alliance, There is no evidence of the vulnerability being used against Wi-Fi users maliciously, and Wi-Fi Alliance® has taken immediate steps to ensure users can count on WPA3-Personal to deliver even stronger security protections.”

“These issues can be resolved through a straightforward software update – a process much like the software updates Wi-Fi users regularly perform on their mobile devices.”

You can also read the complete technical details in Whitepaper and also read here.

You can follow us on LinkedinTwitter, and Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep yourself self-updated.

Best Ways to Keep Your Data Secured While Using Public WiFi Networks

Top 10 Best WiFi Hacking Apps for Android – 2019 Edition

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

SonicBoom Attack Chain Lets Hackers Bypass Login and Gain Admin Control

Cybersecurity researchers have uncovered a dangerous new exploitation technique, dubbed the "SonicBoom Attack Chain,"...

Researcher Uses Copilot with WinDbg to Simplify Windows Crash Dump Analysis

A researcher has unveiled a novel integration between AI-powered Copilot and Microsoft's WinDbg, dramatically...

Apache Parquet Java Vulnerability Enables Remote Code Execution

A high-severity vulnerability (CVE-2025-46762) has been discovered in Apache Parquet Java, exposing systems using...

NCSC Warns of Ransomware Attacks Targeting UK Organisations

National Cyber Security Centre (NCSC) has issued technical guidance following a series of cyber...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

SonicBoom Attack Chain Lets Hackers Bypass Login and Gain Admin Control

Cybersecurity researchers have uncovered a dangerous new exploitation technique, dubbed the "SonicBoom Attack Chain,"...

Researcher Uses Copilot with WinDbg to Simplify Windows Crash Dump Analysis

A researcher has unveiled a novel integration between AI-powered Copilot and Microsoft's WinDbg, dramatically...

Apache Parquet Java Vulnerability Enables Remote Code Execution

A high-severity vulnerability (CVE-2025-46762) has been discovered in Apache Parquet Java, exposing systems using...