Most people believe that using Wi-Fi in public places is safe as long as there is a password needed to access the service, rather than the public ones with open access.
However, there are assorted methods used by hackers to get into Wi-Fi services and in particular a set of software and techniques we’ll call Wi-FiX (not the real name).
Sadly, Wi-FiX is available on the Internet to anyone with programming skills.
The basic method used involves the software creating a fake Wi-Fi access point that mimics the real ones on the selected network. Then it jams any messages to the real access points and posts up a message requesting login and password. The user cannot get around this so enters their login and password and then the software relays on the messages to the real wi-fi access point so the user believes everything is OK again, but the fake Wi-FI access point is recording all of the traffic.
In that data may well be logins and passwords, credit card details etc.
The details are complex but below is a simple technical explanation
- The victim is deauthenticated from their access point. WiFiXcontinuously jams all of the target access point’s wifi devices within range.
- WiFiXcopies the target access point’s settings. It then creates a rogue wireless access point that is modelled on the target. It also sets up a NAT/DHCP server and forwards the relevant
- The victim is requested to re-input login and password which WiFiX can use to access the genuine access point. The victim joins the hacker’s rogue access point.
The victim continues to use the Wi-Fi unaware that all of their messages are being copied and examined for confidential information etc.
Always be wary of using Wi-Fi outside of your home and office.
Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.