‘Evil Twin’ Works As Hacker’s WiFi
Hackers using false wireless access points to illegally grab personal information are now targeting locations busy with high 'net' worth people. Millions of computer systems could be potentially affected.
The attacks are 'evil twin' that work by fixing a 'wireless access point' close by a 'commercial hotspot' and assigning it the same name. The double risk does not include picking up someone's username and password for the hotspot. When the user connects to his bank, the hacker is able to log on to the former's banking security details. This 'evil twin' installs 45 different randomly produced viruses, worms or keyloggers, which anti-virus product is unable to protect. They would not recognize the signatures.
The point here is that the "hotspot" to which the user connects isn't actually the café's WiFi hotspot. It belongs to some hacker in that area, possibly sitting just next to the surfer, using a laptop set up to operate as an access point - the machine through which the innocent surfer connects to the Internet.
As the unwitting user logs on to the phony hotspot, the intruder monitors the communication and gathers personal information and in some cases, even hijacks the computer remotely.
According to Richard Rushing at WiFi security firm, AirDefense, one does not see these in 'Starbucks' much, as a MySpace login does not carry much value. Rushing informed that the 'evil twins' were recently found in the first-class lounge of an international airport. They were also spotted in garages specializing in expensive cars and that offer WiFi while the customer waits. Other targets were train station lounges.
This 'evil twin' attacks use a combination of social engineering and hacking. A key part is imbibing a false sense of security in the mind of the suspect but imitating a legitimate service. The attacks also indicate the limit to which hackers have to handle 'information overload' by gliding rapidly over too much information for active processing.
Security managers are experiencing these attacks as a growing problem. On one hand, corporate WiFi networks are increasingly being tied down by undesirable installations and on the other, the individual user has become the weakest link.
Related article: “Loopholes did not cause online banking thefts”: ICBC
» SPAMfighter News - 27-11-2006