96
Police allege ‘evil twin’ in-flight Wi-Fi used to steal info • The Register (www.theregister.com)
submitted 2 days ago by GreenEngineering3475@lemmy.world to c/privacy@lemmy.ml
17 comments fedilink hide all child comments
top 17 comments
sorted by: hot top controversial new old
[-] Vanth@reddthat.com 18 points 2 days ago

Doesn't this seem like an inefficient way to go about? Locked in a flying tin can with the same ~100 people for a few hours. I would think a public library or busy transit station would net way more info, with the added advantage of not being locked in if someone starts getting suspicious.

[-] delirious_owl@discuss.online 10 points 2 days ago

What do you do when you're locked in a flying tin can and bored out of your mind?

Some of us just fire up Kali and play

[-] Hugin@lemmy.world 4 points 2 days ago

If you are trying to steel credentials from people with power and money passengers in first class are a good target.

Where else are you going to find a cluster of people like that that are using the wifi and are going to be there for hours. It's about as optimal as I can think of.

Even better if you are targeting a spefic company. Just pick flights out of the headquarters for that company.

If you want to attack say Microsoft pick a flight from Seattle to DC. Pretty good odds of a Microsoft high up being on the flight and wanting to use the wifi for work.

[-] bdonvr@thelemmy.club 13 points 2 days ago

I feel like with the advent of nearly ubiquitous unlimited mobile data plans (in some parts of the world) a lot less people use public WiFi. However on a plane you have little choice, so it makes sense.

[-] ResoluteCatnap@lemmy.ml 5 points 2 days ago

The article said the man had done similar with airport wifi and a place of prior employment. But the airplane one is an odd choice

[-] SnotFlickerman@lemmy.blahaj.zone 21 points 2 days ago* (last edited 2 days ago)

Who hides in a Pineapple from the FCC?

EDIT:

[-] autotldr@lemmings.world 9 points 2 days ago

This is the best summary I could come up with:

Australia’s Federal Police (AFP) has charged a man with running a fake Wi-Fi networks on at least one commercial flight and using it to harvest fliers’ credentials for email and social media services.

The man was investigated after an airline “reported concerns about a suspicious Wi-Fi network identified by its employees during a domestic flight.”

The AFP subsequently arrested a man who was found with “a portable wireless access device, a laptop and a mobile phone” in his hand luggage.

It’s alleged the accused’s collection of kit was used to create Wi-Fi hotspots with SSIDs confusingly similar to those airlines operate for in-flight access to the internet or streamed entertainment.

Airport Wi-Fi was also targeted, and the AFP also found evidence of similar activities “at locations linked to the man’s previous employment.”

AFP Western Command Cybercrime detective inspector Andrea Coleman pointed out that free Wi-Fi services should not require logging in through an email or social media account.

The original article contains 364 words, the summary contains 158 words. Saved 57%. I'm a bot and I'm open source!

[-] barsquid@lemmy.world 4 points 2 days ago

This sounds like it could be a combination FCC and FAA felony.

[-] barsquid@lemmy.world 6 points 2 days ago

Oops, nope, I was thinking of the wrong country.

[-] SatansMaggotyCumFart@lemmy.world 2 points 2 days ago

You can tell because it has a goatee.

[-] delirious_owl@discuss.online -2 points 2 days ago* (last edited 2 days ago)

They arrested him? What was the crime?? People connected to his network. Its not like he hacked their network.

[-] GreenEngineering3475@lemmy.world 6 points 2 days ago* (last edited 2 days ago)

emphasis added by me From the article:

The man was investigated after an airline “reported concerns about a suspicious Wi-Fi network identified by its employees during a domestic flight.”

It’s alleged the accused’s collection of kit was used to create Wi-Fi hotspots with SSIDs confusingly similar to those airlines operate for in-flight access to the internet or streamed entertainment. Airport Wi-Fi was also targeted, and the AFP also found evidence of similar activities “at locations linked to the man’s previous employment.”

Wherever the accused’s rig ran, when users logged in to the network, they were asked to provide credentials. The AFP alleges that details such as email addresses and passwords were saved to the suspect’s devices.

The charges laid against the man concern unauthorized access to devices and dishonest dealings. None of the charges laid suggest the accused used the data he allegedly accessed.

However three charges of “possession or control of data with the intent to commit a serious offence” suggest the alleged perp was alive to the possibilities of using the data for nefarious purposes.

[-] possiblylinux127@lemmy.zip 5 points 2 days ago

Cybercrime is illegal just like stealing or committing fraud

[-] delirious_owl@discuss.online 2 points 2 days ago

Cybercrime is usually defined as unauthorized system access.

How is running a free WiFi AP a crime?

[-] possiblylinux127@lemmy.zip 1 points 2 days ago

Because you are stealing peoples data and credentials.

[-] delirious_owl@discuss.online 0 points 2 days ago

So the airline is also comitting a crime?

[-] possiblylinux127@lemmy.zip 1 points 2 days ago

They aren't stealing login data to my knowledge

this post was submitted on 01 Jul 2024
96 points (99.0% liked)

Privacy

29810 readers
770 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago
MODERATORS
k_o_t@lemmy.ml
tmpod@lemmy.pt
Yayannick@lemmy.ml
ranok@sopuli.xyz