Install Malware From a Third of a Mile Away

rgMekanic

Cult Of Mac is reporting that a new long range WiFi interception van called WiSpear can install malware on an iOS or Android device from a third of a mile away. The van allegedly forces a device to connect to its WiFi access point, and then can use man-in-the-middle attacks to steal data being transferred over the network, or install malware on the device.

Check out the video

$3.5-$5 million seems like a bargain for such a thing. I'm searching for a "if this van's a rockin'" or "van down by the river" joke, but I'm coming up with nothing.

WiSpear was developed by Tal Dilian, former head of the Israeli Defense Forces signal intelligence corps. The surveillance tool with the van sells for between $3.5 million and $5 million.
 
Fudge.
I can't even get decent wifi setting next to the router and these folks can do it half a mile away.
*sigh*
 
So a kid in Arkansas sells a RAT on a script kiddy website and gets thrown in jail, but you're able to sell this fucking thing?
 
The van allegedly forces a device to connect to its WiFi access point

Bull. How do you FORCE a device to connect to WiFi?

Unless your device is set to connect to any open WiFi available, and their WiFi signal is the strongest open WiFi available, then your device will never connect to them.

Even if you connected to their WiFi, they would still have to be able to hack the security on your phone to install the malware.
 
Bull. How do you FORCE a device to connect to WiFi?

Unless your device is set to connect to any open WiFi available, and their WiFi signal is the strongest open WiFi available, then your device will never connect to them.

Even if you connected to their WiFi, they would still have to be able to hack the security on your phone to install the malware.

At the price this is selling, the van probably comes with some zero-day iOS and Android exploits from the NSA.
 
They're probably spoofing telecoms' wi-fi. With AT&T you automatically connect to their wi-fi hotspots until you tell your iPhone to forget that network.
 
And at a certain moment you need to ask yourself "why do I even need a phone on me?"

If you have to ask yourself that then you are probably in the wrong forum ;). Do you need a phone to live? Not in most cases but it sure does make a hell of a lot of things more efficient and in some cases safer.

Humans are becoming increasingly more connected. You have two choices. You can either embrace the change and try to ensure that security gets baked in (or at least you are secure as possible) or you can get left behind...
 
When I'm travelling to work and back, I already switch off Data and Wifi.

I do have a VPN setup with a Pi2 at home and OpenVPN.
I've been wondering for a while whether they can hack into the VPN, and I always assume they can.

I know a lot of people who leave Data, Wifi and GPS on all the time.....even when they don't need it.
I do it mostly for the battery. ;)
I get about 3 days usage before having to recharge.
 
Bull. How do you FORCE a device to connect to WiFi?

Unless your device is set to connect to any open WiFi available, and their WiFi signal is the strongest open WiFi available, then your device will never connect to them.

Even if you connected to their WiFi, they would still have to be able to hack the security on your phone to install the malware.

Force may not be the right word, more like coerce. But if your WiFi is on, they can force it to connect.
 
A bit much for a van and tech that'll cost no more than $250k max, but then again, governments don't give 2 fucks about money they steal from.
 
Do they offer free candy? :D:D

freewifi.jpg
 
Force may not be the right word, more like coerce. But if your WiFi is on, they can force it to connect.

That article proves this news is BS.

1- It doesn't work with secured networks. This only works by spoofing a wifi network your phone already knows/trusts. This includes all security settings, including the password. So as long as you only connect to secure networks with WPA/WPA2, you can almost completely mitigate this risk.

2- I'm sure that truck has the power to broadcast radio 1/3 mile, but the wifi hardware on my phone sure as hell can't. So they can advertise the network 1/3 mile away, but none of the packets from my phone are gonna make it back to them.

3- This won't work with any data being sent over an HTTPS/TLS tunnel. If they try to break that SSL chain without a valid (stolen) certificate, your phone will throw a cert error. It would be your own stupidity if you clicked through anyway.


So this article is just about taking a previous/well known hack (rogue access point), and putting it on a truck.... This will only work in a few specific cases, and even then most of the sites have moved to SSL, so it's kind of a moot point. The only tiny concern I would have is data leaking from insecure apps not encrypting data transfer. But I keep that shit off my phone.
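
Added example, not part of any post in this thread: a check for the condition described above, where a device rejoins a network it already knows by name. It audits saved Wi-Fi profiles in wpa_supplicant.conf syntax and flags enabled profiles that any access point using the same name could satisfy (open, static WEP, or WPA-EAP with no `ca_cert` to validate the server). The sample profiles and the short issue labels are constructed for illustration.

```python
import re

# Constructed sample in wpa_supplicant.conf syntax (not taken from the thread).
SAMPLE_CONF = '''
network={
    ssid="HomeNet"
    psk="correct horse battery staple"
}
network={
    ssid="CoffeeShop_Free"
    key_mgmt=NONE
}
network={
    ssid="OldPrinter"
    key_mgmt=NONE
    wep_key0="abcde"
}
network={
    ssid="CorpWiFi"
    key_mgmt=WPA-EAP
}
'''

def parse_networks(text):  # one dict of settings per network={...} block
    nets = []
    for body in re.findall(r"network=\{(.*?)\n\}", text, re.S):
        fields = {}
        for line in body.splitlines():
            key, sep, value = line.strip().partition("=")
            if sep and not key.startswith("#"):
                fields[key] = value.strip('"')
        nets.append(fields)
    return nets

def audit(text):  # flag enabled profiles a look-alike AP could satisfy
    findings = []
    for n in parse_networks(text):
        if n.get("disabled") == "1":
            continue  # profile is never auto-joined
        key_mgmt = n.get("key_mgmt", "WPA-PSK").split()
        if "NONE" in key_mgmt:  # no WPA: open, or static WEP if a key is set
            kind = "wep" if any(k.startswith("wep_key") for k in n) else "open"
            findings.append((n.get("ssid"), kind))
        elif "WPA-EAP" in key_mgmt and "ca_cert" not in n:
            findings.append((n.get("ssid"), "eap-no-ca"))  # server cert unchecked
    return findings

if __name__ == "__main__":
    for ssid, issue in audit(SAMPLE_CONF):
        print(f"{ssid}: {issue}")
```

Profiles flagged this way are candidates to forget or to disable auto-join on; the WPA-PSK profile is not flagged because an impostor without the passphrase cannot complete the handshake.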
 
That article proves this news is BS.

1- It doesn't work with secured networks. This only works by spoofing a wifi network your phone already knows/trusts. This includes all security settings, including the password. So as long as you only connect to secure networks with WPA/WPA2, you can almost completely mitigate this risk.

2- I'm sure that truck has the power to broadcast radio 1/3 mile, but the wifi hardware on my phone sure as hell can't. So they can advertise the network 1/3 mile away, but none of the packets from my phone are gonna make it back to them.

3- This won't work with any data being sent over an HTTPS/TLS tunnel. If they try to break that SSL chain without a valid (stolen) certificate, your phone will throw a cert error. It would be your own stupidity if you clicked through anyway.


So this article is just about taking a previous/well known hack (rogue access point), and putting it on a truck.... This will only work in a few specific cases, and even then most of the sites have moved to SSL, so it's kind of a moot point. The only tiny concern I would have is data leaking from insecure apps not encrypting data transfer. But I keep that shit off my phone.

As far as the article and the truck, I am not sure what the truck is using, but my point was that you can indeed coerce someone to join your WiFi.

There are ways to do it with "secured" networks as well. It depends on the type of security you are using, but it's not that hard. I have seen it demonstrated live a number of times now. And just in case you think your WPA2/PSK was secure? Nope, seen that cracked as well. All of this also on a mobile platform. This truck is half a decade late to the party...
 
As far as the article and the truck, I am not sure what the truck is using, but my point was that you can indeed coerce someone to join your WiFi.

There are ways to do it with "secured" networks as well. It depends on the type of security you are using, but it's not that hard. I have seen it demonstrated live a number of times now. And just in case you think your WPA2/PSK was secure? Nope, seen that cracked as well. All of this also on a mobile platform. This truck is half a decade late to the party...

Yes WPA/2 can be 'cracked', but nowhere near as easy as WEP. They can send your phone a de-auth packet, forcing it to disconnect (Since they didn't put any sort of auth mechanism for that command in the wifi standards). Then they passively grab the 4 way handshake between your phone and the router as you reconnect. Then they can attempt to brute force the PSK from that packet capture. BUT.... It's still a brute force attempt and will only work for short simple passwords. Anything more complex than that would take too long to be realistically considered insecure.
 
I have the Wifi turned off on my phone mainly to reduce battery draw, but this is another good reason.
 
If a stingray can spoof being a legitimate cell phone tower and intercept phone data it really isn't too much of a stretch to believe this.
 
If a stingray can spoof being a legitimate cell phone tower and intercept phone data it really isn't too much of a stretch to believe this.

This is a MUCH MUCH bigger privacy concern, but still can't do MITM on any data sent over an encrypted tunnel. They can however get your phone conversations and texts using this and there is zero way to protect yourself, unlike the wifi 'hack'.


But that may not protect us for long. I have zero doubt the technologically illiterate dinosaurs in congress will pass some kind of stupid legislation that forces manufacturers to add a trusted cert from the government allowing them to perform MITM attacks on all encrypted data without alerting the user. But it's of course to 'protect the children' and 'monitor turrorists'..... That will be followed by legislation banning direct VPN tunnels, and will most likely either require handing your keys over, or using the ISP as a middle man so they can scan all the traffic. According to the government, encryption is the enemy and only turrorists/predators use it, so we should be fine allowing them to scan/store all our data.... Scary times ahead.
 
It's a good thing I use a Windows phone. ;)

No I am sorry but there just isn't any excuse for that. If I were your mom I would probably tell you to go wash your mouth out with soap for saying such a dirty thing ;).
 
No I am sorry but there just isn't any excuse for that. If I were your mom I would probably tell you to go wash your mouth out with soap for saying such a dirty thing ;).

My lumia was one of the best phones I owned. Camera was top of the line, and the phone worked as a *gasp*.... phone.... Never locked up/slowed down or required a reboot. If you didn't need a bunch of apps, it was a really nice product. Too bad they didn't push hard on app porting/development and instead just killed the product.... It's never bad to have extra competition in the field. Now we are stuck with either google or apple.
 
That article proves this news is BS.

1- It doesn't work with secured networks. This only works by spoofing a wifi network your phone already knows/trusts. This includes all security settings, including the password. So as long as you only connect to secure networks with WPA/WPA2, you can almost completely mitigate this risk.

You sure??? How do you know they don't know something you don't? $5 million is a lot to ask for something that doesn't work. I'm pretty sure they can prove it works or they wouldn't sell a single one.
 
My lumia was one of the best phones I owned. Camera was top of the line, and the phone worked as a *gasp*.... phone.... Never locked up/slowed down or required a reboot. If you didn't need a bunch of apps, it was a really nice product. Too bad they didn't push hard on app porting/development and instead just killed the product.... It's never bad to have extra competition in the field. Now we are stuck with either google or apple.

Agree, I loved my 1520. Wish I would have gone with the 950 XL instead of just the 950 but still think it is a great phone.
 

I didn't say it doesn't work, it just only works in limited cases and can be mostly mitigated with a few settings on your phone and some common sense.
 
Just like the company selling equipment that intercepts cellphone traffic.

The laws aren't made for the masses, they're made for the privileged.

So a kid in Arkansas sells a RAT on a script kiddy website and gets thrown in jail, but you're able to sell this fucking thing?
 