Overview
- AirSnitch is a set of attacks that lets someone on the same Wi‑Fi network intercept traffic and perform man‑in‑the‑middle actions despite client isolation.
- The techniques exploit the absence of cryptographic linkage across Layers 1–3, enabling device impersonation and traffic redirection without breaking network passwords.
- Researchers demonstrated four bypass methods: abusing shared group keys, Gateway Bouncing, spoofing a victim’s MAC to capture downlink, and spoofing backend device MACs to seize uplink.
- The team validated the issue on five consumer routers from major brands, two open‑source firmware builds (DD‑WRT and OpenWrt), and two university enterprise networks.
- The paper notes the attacks can be complex in modern environments but urges manufacturers and standards bodies to adopt stronger, standardized client‑isolation requirements, with no vendor fixes reported yet.