Sergey Nivens - Fotolia

Manage Learn to apply best practices and optimize your operations.

Wireless access point security: Defending against Chameleon malware

Chameleon malware targets insecure wireless access points. Enterprise threats expert Nick Lewis explains how to defend against the malware.

Can you please tell me more about the Chameleon malware, including how to detect it and how to keep Wi-Fi access...

points safe from it?

Researchers from the University of Liverpool developed a new proof-of-concept malware called Chameleon to demonstrate malware that spreads via wireless access points (WAPs). Chameleon reportedly spreads over the air by attacking insecurely configured WAPs. Once an access point is compromised, Chameleon captures unencrypted network traffic to gather usernames and passwords and scans other wireless networks for insecure configurations.

Chameleon was designed to highlight some of the vulnerabilities of wireless networks in high-density cities where biological viruses spread faster because of their close proximity to other vulnerable hosts. The basic functionality of the Chameleon malware could be extended in a modular way to add other functionality or exploits, such as other modern malware features.

Chameleon exploits some of the same insecure configurations as Firesheep, and many of the same protections against Firesheep can work against Chameleon. Using an encrypted wireless network and an encrypted IP network connection will protect users against Chameleon. Securely configuring wireless access points will also help boost an enterprise's wireless network safety. Additionally, scanning and removing insecure wireless access points will prevent these types of attacks.

Most enterprises are at minimal risk of being hit by the Chameleon malware or something like it, due to the fact that they largely have deployed wireless networks using encryption. Nevertheless, a new version of Chameleon could be released with support for attacking encrypted networks or against common enterprise wireless access point products, putting seemingly safe enterprises at higher risk.

The standard advice -- improving wireless access point security by not allowing enterprise employees to use insecure wireless networks -- will prove to hold true in this scenario.

Ask the Expert!
Perplexed about enterprise security?
Send Nick Lewis your questions today! (All questions are anonymous.)

This was last published in September 2014

Dig Deeper on Malware, virus, Trojan and spyware protection and removal