New Wi-Fi Attack "AirSnitch" Exploits Vulnerabilities in Layers 1 and 2

A new Wi-Fi attack named AirSnitch exploits vulnerabilities in Layers 1 and 2 by leveraging cross-layer identity desynchronization, enabling full bidirectional machine-in-the-middle (MitM) attacks. The attack can intercept and modify unencrypted traffic, including authentication cookies, passwords, and payment details, particularly when HTTPS is absent—affecting up to 6% of Windows and 20% of Linux page loads as estimated by Google. It also permits DNS cache poisoning and exposes unpatched vulnerabilities, allowing attackers to view external IP addresses and correlate visited URLs. AirSnitch operates across home, office, and enterprise Wi-Fi networks, regardless of SSID or network segment. The attack targets link-layer traffic, enabling further exploitation of higher-layer protocols. No specific CVE IDs or patch dates were mentioned in the report.