Security researcher Jens “Atom” Steube shared this week a new method of compromising passwords on WPA/WPA2-secured routers that have Pairwise Master Key Identifiers (PMKID) features enabled.
The developer of the Hashcat password cracking tool said that he discovered the attack while exploring ways to compromise the new WPA3 security protocol which was announced just last January. Unlike WP3, WP2 does not feature individualized data encryption to scramble connections, or new protections against brute-force attempts to crack passwords.
Steube says the new attack method is clientless and requires no involvement from users. Information, which is translated in regular hex encoded strings, which means attackers cannot be stopped by special translation or output formats.