You arrive at your favorite coffee shop, turn on your laptop and order your coffee. You have not yet connected to the public Wi-Fi hotspot sponsored by the shop.
Suddenly the performance on your laptop drops inexplicably. When you initialize the connection to the Internet, aggressive popups begin appearing almost immediately. Or unnoticed by you, your files are being uploaded somewhere . .. and your keystrokes are being logged as you access your bank statement - even though you use a secure SSL or VPN connection over Wi-Fi.
You've just been infected by a rootkit with a nasty trojan virus piggybacked onto the payload. And it happened right after you powered up but before you connected to the Internet. How is this possible?
This scenario is about to come true.
A pair of hackers at the Black Hat conference in Las Vegas demonstrated just such an attack this week, highlighting newly discovered exploits in the drivers for popular Wi-Fi adapters. While their demo was conducted on a Mac Powerbook, they say that any PC with vulnerable Wi-Fi drivers is exposed to this risk. As of this writing, no fixes have been released by any of the major Wi-Fi device companies. The exploit is not yet in the wild - but it's a matter of time. Now that the possibility of this attack is known, we are sure to see it in real life very very soon.
More information at Security IT Hub.
I will be watching this closely.