New cloud-based hacking service can crack Wi-Fi passwords in 20 minutes

A new, cloud-based hacking service says it can crack a WPA Wi-Fi network password in just 20 minutes.

Announced on Monday, the $34 "WPA Cracker" service is a tool for security auditors and penetration testers to test breaking into certain types of WPA networks.

The service leverages a known vulnerability in Pre-shared Key (PSK) networks usually used by home and small-business users.

To use it, the tester first submits a small file that contains an initial communication between the WPA router and a computer. Based on that information, WPA Cracker can then figure out whether the network is vulnerable to a type of attack.

According to the service's website:

WPA-PSK networks are vulnerable to dictionary attacks, but running a respectable-sized dictionary over a WPA network handshake can take days or weeks. WPA Cracker gives you access to a 400CPU cluster that will run your network capture against a 135 million word dictionary created specifically for WPA passwords. While this job would take over five days on a contemporary dual-core PC, on our cluster it takes an average of 20 minutes, for only $17.

The service was launched by security researcher Moxie Marlinspike. In an interview with PC World, he said that he got the idea for the service after discussing how to speed up WPA network auditing with other security experts.

The $34 price tag is for the whole cluster. Using half the cluster costs $17, but the job could take 40 minutes.