WiKI-Eve Attack: Unveiling the Alarming Threat to Numeric Passwords


In this age of technological innovation, our dependence on Wi-Fi networks has reached unprecedented levels. With these innovations, however, comes a new breed of threats. This blog explores the discovery of the WiKI-Eve attack, an insidious malware that can steal numeric passwords with an astonishing 90% accuracy. We will delve into the inner workings of this cyber threat, discuss mitigation strategies, and offer tips on how to safeguard your data in an increasingly interconnected world.

The WiKI-Eve Attack

Imagine a scenario where an attacker can intercept clear-text transmissions from smartphones connected to modern Wi-Fi routers and accurately identify individual numeric keystrokes with a staggering 90% accuracy. This is precisely what the WiKI-Eve malware does. Leveraging a feature known as BFI (beamforming feedback information), introduced in 2013 to enhance Wi-Fi signal accuracy, attackers can exploit a significant vulnerability.

BFI: A Double-Edged Sword

BFI was designed to enhance Wi-Fi performance, but it inadvertently introduced a vulnerability. The data exchanged during BFI is transmitted in clear text, making it susceptible to interception without the need for hardware hacking or encryption key cracking. A group of university researchers from China and Singapore discovered this security flaw and sounded the alarm on the need to update data protection strategies. Their findings revealed that WiKI-Eve could recognize numeric keystrokes with 90% accuracy, 6-digit numeric passwords with 85% accuracy, and complex app passwords with 66% accuracy.

It's important to note that WiKI-Eve targets numeric passwords specifically, and this might seem limiting. However, a NordPass survey found that 16 of the top 20 passwords are composed of numbers.

Understanding the WiKI-Eve Attack Vector

WiKI-Eve is an immediate assault that necessitates the attacker to intercept Wi-Fi signals while passwords are being entered. The victim must be actively using their smartphone while attempting to access a specific app. Identifying the target involves using a network identity identifier, such as a MAC address, which requires some preliminary work.

Data Capture and Processing

During the initial phase of the attack, the attacker uses a traffic monitoring tool like Wireshark to capture the victim's BFI time series as they type their password. Each keystroke triggers a distinct Wi-Fi signal as it interacts with the Wi-Fi antenna beneath the screen. While these signals are only a fraction of the access point's downlink CSIs (channel state information), they provide enough information about the keystrokes.

Cybersecurity Insights Empowered by Machine Learning

To combat this security threat, the researchers employed machine learning to understand the attack. Overcoming challenges such as typing style, typing speed, and nearby keystrokes, they used a "1-D Convolutional Neural Network" trained for keystroke recognition, irrespective of typing style, through a concept known as "domain adaptation."

Experiment results indicated that WiKI-Eve's keystroke classification accuracy remained consistent at 88.9% when applying sparse recovery techniques and domain adaptation. WiKI-Eve achieved an 85% success rate for six-digit numeric passwords in fewer than a hundred attempts, consistently exceeding 75% in various scenarios. 

The distance between the attacker and the access point significantly impacts WiKI-Eve's performance. The success rate dropped by 23% when the distance increased from 1 meter to 10 meters.

Protecting Your Numeric Passwords

In a world where cyber threats continue to evolve, preventing data breaches becomes imperative. The WiKI-Eve attack exposes the vulnerability of numeric passwords, emphasizing the need for stronger, alphanumeric password choices. Furthermore, keeping your Wi-Fi network security standards up to date and employing reputable security solutions can reduce the risk of falling victim to such attacks. Understanding the role of AI in cybersecurity defense is also crucial.


As malicious data exfiltration threats persist in the digital realm, staying informed and proactive in safeguarding sensitive information is paramount. The WiKI-Eve attack unveils a vulnerability that can be exploited without compromising access points. Attackers can deduce secrets with alarming accuracy by using network traffic monitoring technologies and machine learning.

Enhanced security measures, including malware detection techniques for Wi-Fi access points and smartphone apps, are essential to mitigate this threat. These methods may include keyboard randomization, data traffic encryption, signal obfuscation, CSI scrambling, Wi-Fi channel scrambling, and more. It is through proactive measures and a deeper understanding of these evolving threats that we can secure our digital lives in an ever-connected world.

Contributed by Sandeep Vishwakarma

Post a Comment