a.x61.sh

Police allege ‘evil twin’ in-flight Wi-Fi used to steal info • The Register (www.theregister.com)
from GreenEngineering3475@lemmy.world to privacy@lemmy.ml on 01 Jul 2024 18:15
https://lemmy.world/post/17117779

#privacy

threaded - newest

autotldr@lemmings.world on 01 Jul 2024 18:20 next collapse

This is the best summary I could come up with:

Australia’s Federal Police (AFP) has charged a man with running a fake Wi-Fi networks on at least one commercial flight and using it to harvest fliers’ credentials for email and social media services.

The man was investigated after an airline “reported concerns about a suspicious Wi-Fi network identified by its employees during a domestic flight.”

The AFP subsequently arrested a man who was found with “a portable wireless access device, a laptop and a mobile phone” in his hand luggage.

It’s alleged the accused’s collection of kit was used to create Wi-Fi hotspots with SSIDs confusingly similar to those airlines operate for in-flight access to the internet or streamed entertainment.

Airport Wi-Fi was also targeted, and the AFP also found evidence of similar activities “at locations linked to the man’s previous employment.”

AFP Western Command Cybercrime detective inspector Andrea Coleman pointed out that free Wi-Fi services should not require logging in through an email or social media account.

The original article contains 364 words, the summary contains 158 words. Saved 57%. I’m a bot and I’m open source!

SatansMaggotyCumFart@lemmy.world on 01 Jul 2024 18:30 next collapse

You can tell because it has a goatee.

[deleted] on 01 Jul 2024 18:51 next collapse

[deleted] on 01 Jul 2024 21:37 next collapse

bdonvr@thelemmy.club on 02 Jul 2024 00:05 next collapse

I feel like with the advent of nearly ubiquitous unlimited mobile data plans (in some parts of the world) a lot less people use public WiFi. However on a plane you have little choice, so it makes sense.

ResoluteCatnap@lemmy.ml on 02 Jul 2024 05:19 next collapse

The article said the man had done similar with airport wifi and a place of prior employment. But the airplane one is an odd choice

delirious_owl@discuss.online on 02 Jul 2024 05:57 next collapse

What do you do when you’re locked in a flying tin can and bored out of your mind?

Some of us just fire up Kali and play

Hugin@lemmy.world on 02 Jul 2024 15:43 collapse

If you are trying to steel credentials from people with power and money passengers in first class are a good target.

Where else are you going to find a cluster of people like that that are using the wifi and are going to be there for hours. It’s about as optimal as I can think of.

Even better if you are targeting a spefic company. Just pick flights out of the headquarters for that company.

If you want to attack say Microsoft pick a flight from Seattle to DC. Pretty good odds of a Microsoft high up being on the flight and wanting to use the wifi for work.

barsquid@lemmy.world on 01 Jul 2024 22:24 next collapse

This sounds like it could be a combination FCC and FAA felony.

barsquid@lemmy.world on 01 Jul 2024 22:25 collapse

Oops, nope, I was thinking of the wrong country.

delirious_owl@discuss.online on 02 Jul 2024 06:00 collapse

They arrested him? What was the crime?? People connected to his network. Its not like he hacked their network.

GreenEngineering3475@lemmy.world on 02 Jul 2024 06:03 next collapse

emphasis added by me From the article:

The man was investigated after an airline “reported concerns about a suspicious Wi-Fi network identified by its employees during a domestic flight.”

It’s alleged the accused’s collection of kit was used to create Wi-Fi hotspots with SSIDs confusingly similar to those airlines operate for in-flight access to the internet or streamed entertainment. Airport Wi-Fi was also targeted, and the AFP also found evidence of similar activities “at locations linked to the man’s previous employment.”

Wherever the accused’s rig ran, when users logged in to the network, they were asked to provide credentials. The AFP alleges that details such as email addresses and passwords were saved to the suspect’s devices.

The charges laid against the man concern unauthorized access to devices and dishonest dealings. None of the charges laid suggest the accused used the data he allegedly accessed.

However three charges of “possession or control of data with the intent to commit a serious offence” suggest the alleged perp was alive to the possibilities of using the data for nefarious purposes.

possiblylinux127@lemmy.zip on 02 Jul 2024 06:24 collapse

Cybercrime is illegal just like stealing or committing fraud

delirious_owl@discuss.online on 02 Jul 2024 14:26 collapse

Cybercrime is usually defined as unauthorized system access.

How is running a free WiFi AP a crime?

possiblylinux127@lemmy.zip on 02 Jul 2024 14:56 collapse

Because you are stealing peoples data and credentials.

delirious_owl@discuss.online on 02 Jul 2024 15:11 collapse

So the airline is also comitting a crime?

possiblylinux127@lemmy.zip on 02 Jul 2024 15:24 collapse

They aren’t stealing login data to my knowledge