Blue Smack is used to targeting networks protected by WPA2 (Wi-Fi Protected Access II) or WPA-PSK (TKIP with a pre-shared key) and uses multiple attack vectors.
The first and original Blue Smack attack vector is used to launch what is known as a “handshake” attack against vulnerable access points.
A handshake is a process where a device attempts to connect to another device in order for them to communicate. As this is one of the most frequent connection processes of a Wi-Fi network, the fact that it was successfully breached means that users are highly at risk of being attacked by malicious actors on public Wi-Fi networks.
The exploit was first seen in a mass attack that targeted Access Points at airports, cafés, and other public spaces around the world.
It was later found in Greece and India and eventually became more prevalent in Israel, where it was used as part of a multi-vector attack against Subway Wi-Fi networks. The attacks targeted multiple devices connected to Subway Wi-Fi networks, with many being compromised and used as a part of a botnet in order to infect users with malicious payloads.
