Hacking

A leaked document raises a doubt about NSA knew the #Krack attack since 2010

An NSA leaked document about the BADDECISION hacking tool raises the doubt about National Security Agency knew the Krack attack since 2010.

Security experts are questioning the NSA about the recently disclosed Krack attack the allows an attacker to decrypt information included in protected WPA2 traffic.

Security experts believe that the National Security Agency was aware of the flaw and its arsenal included a specific exploit.

An NSA spokesperson did not comment the claims, this is normal for the US intelligence agencies, but according to ZDNet, rumors that it knew something about the vulnerability in the WPA2 protocol are circulating in the intelligence community.

In some cases, the US intelligence even is informed of a vulnerability doesn’t disclose it in the attempt to exploit it for intelligence operations.

According to a top secret document leaked by the Edward Snowden and dated back 2010, the NSA arsenal included a hacking tool called BADDECISION classified as an “802.11 CNE tool. that used a true Man-in-the-middle attack and frame injection technique to redirect a target client to a FOXACID server.”

Baddecision NSA Krack attackBaddecision NSA Krack attack

The NSA exploit was designed to target wireless networks by using a man-in-the-middle attack within range of the network, according to the Top-Secret slides it works for WPA and WAP2 networks, this implies that BADDECISION could bypass the encryption.

The FOXACID platform allows NSA operators to automatically supply the best malware for a specific target.

The slide said the hacking tool “works for WPA/WPA2,” suggesting that BADDECISION could bypass the encryption.

Cue the conspiracy theories. No wonder some thought the hacking tool was an early NSA-only version of KRACK.

Is BADDECISION the Krack attack tool?

Difficult to say, but many security researchers believe BADDECISION doesn’t exploit the KRACK attack.

According to former NSA staffers cited by ZDNet the NSA BADDECISION exploit is a sort of Ettercap tool that conducts man-in-the-middle attacks to carry out address resolution protocol (ARP) spoofing or poisoning.

Anyway, even if NSA BADDECISION doesn’t rely on the Krack attack, it is impossible to totally exclude that the agency was not aware of the vulnerability recently disclosed.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – NSA, Krack attack)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

4G Calling (VoLTE) flaw allowed to locate any O2 customer with a phone call

A flaw in O2 4G Calling (VoLTE) leaked user location data via network responses due…

6 hours ago

China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks

China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia.…

12 hours ago

UK’s Legal Aid Agency discloses a data breach following April cyber attack

The UK’s Legal Aid Agency suffered a cyberattack in April and has now confirmed that…

15 hours ago

Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang

Cybersecurity Observatory of the Unipegaso's malware lab published a detailed analysis of the Sarcoma ransomware.…

17 hours ago

Mozilla fixed zero-days recently demonstrated at Pwn2Own Berlin 2025

Mozilla addressed two critical Firefox vulnerabilities that could be potentially exploited to access sensitive data…

1 day ago

Japan passed a law allowing preemptive offensive cyber actions<gwmw style="display:none;"></gwmw>

Japan passed a law allowing preemptive offensive cyber actions, shifting from its pacifist stance to…

1 day ago