WPS that is enabled out of the box default on popular routers. Router brands such as Dlink, Zyxel, TP-Link, Linksys and many other popular brands
expose the customers WiFi router to malicious hacker attacks.
Due to vulnerabilities in the WPS pin code authentication allows remote black hat hackers to carry out brute force attack.
They can conduct the Brute force attack online or offline depending on the advanced grade of attack.
If the router is vulnerable to WPS attack it is due to a guessing vulnerability.
Typically there will be more than 100 million attempts to break in the PIN code rendering it very unlikely to be cracked.
However the vulnerability can allow it to be done in less than 20.000 attempts.
And with more sophisticated attacks it can even be much less than that.
Vendors released new Firmware update for the routers to prevent this attack from happening by securing the routers.
Most average users will have no idea how to login to their router and install a new firmware.
Many times when a new firmware is installed it will flash the router and reset all configuration values.
So the user needs to export the configuration before the upgrade and import the configuration again.
However if the user do this wrong they might loose all values and then need to hire a consultant to reconfigure everything.
A popular tactic by the vendors to prevent the attack is to build in a delay in the connections and when too many pin connections are detected block of the attacker.
However Attackers found a way around this by launching DoS attacks crashing the target router.
Audit the WPS Wifi Networks for vulnerabilities.
WPS Cracking Recovery of WiFi Passwords.
Password Recovery Software for Windows 8 , Windows 7, Mac OS X.
Use the Portable Penetrator Professional Pen Testing suite to audit your own Access Points for vulnerabilities and secure them.