Beware Of “Free Wi-Fi” Scam

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
There is a new scam going around right now that seems to be using the offer of free Wi-Fi as bait to trick people into logging on to an ad hoc, peer-to-peer network run by criminals. Here’s how the scam works:

You go to an airport or other hot spot and fire up your PC, hoping to find a free hot spot. You see one that calls itself "Free Wi-Fi" or a similar name. You connect. Bingo -- you've been had! The problem is that it's not really a hot spot. Instead, it's an ad hoc, peer-to-peer network,
Click to expand...
 
Not really a surprise. It's been happening for a few years now.
 
The only Wi-Fi I use is on a Nintendo DS. :D

What's the potential harm for loggin into this scam network?
 
so that's what that is. my system is so locked down I toy with them.

!!!!!! FTW!
 
I've always wondered it... it's like you are setting up yourself a nice honeypot.
 
*euphemism.

It's a clever scam, but people should still be careful. You don't just frolic into a joint and start using any Wi-Fi you detect.

You should know that nothing good is free, and that businesses are greedy and would rather catch fire than give you free wi-fi! :p
 
God-damnet!

/fail

I'm not really into networking. Can't afford any of the nice toys yet. Someday though.
 
Yeah this is not really new. I've seen them at LAX and Ohare for 2 years and just assumed this sort of thing was happening. They're just sharing some cellular based net connection and people jump right on.
 
You don't need much. My college runs a honeynet project and they were goign to try to virtualize 3 machines (and a host OS) on a P3 something w/ 256MB of ram. Not sure if they succeeded :)
 
I was going to offer free EVDO "on the road" wifi to people when I go on my LAN trips, but I guess that people would be scared away now, lol

My idea was that anyone following would recieve free EVDO internet :) Don't ask me, it just sounds like a cool idea.
 
I can verify that "Free WiFi" ad-hocs are running in the Austin, Atlanta, Tampa and SF terminals as of last week.
 
I saw those in Denver, O'Hare, Sacramento, Dulles, and Nashville airports. I think they're just about everywhere. I even connected to one but couldn't get to the internet. LOL
 
So I was curious about this attack and how it might be applied to VPN, SSH1/2, and SSL. Summary, safety is not guaranteed.

Here's what I found:

VPN & MITM
SSL & MITM
SSH1/2 & MITM

These are all interesting reads. Unless I misunderstand, in all cases verification of a shared secret must be performed.

Further here's an interesting discussion on ARP & MITM.
 
Okay... I travel a lot, and I've seen this for quite a few years. On one flight, I found the "Free Public Wifi" SSID, while in the air, and there were two other PCs on it -- very weird. So I did some port scanning and found the machines on the ad-hoc "Free Public Wifi" network were not "hax0rs"... they were normal people, running windows XP. When I landed, I did some research and found the following article:

http://blogs.chron.com/techblog/archives/2006/09/free_public_wif.html

In a nutshell, these adhoc networks are not necessarily anybody malicious, and the propagation of them is not a virus, though they are viral.

However, you should still be careful any time you're on an unencrypted/WEP wireless network, or on a network whose origins you aren't sure of -- that applies always.

Just remember, though, that the likelihood that ALL of these adhoc networks are evil hax0rz trying to steal your password is the exception, not the rule.
 
hence why I never keep any personal data or anything else important on my wifi enabled laptop that I travel around with. Well, plus I run Cain & Abel on it so I can haxor back. ;) :D
 
Don't quote me on this but this is my theory:

Go to an airport with a satellite internet connection, 2 LAN ports, 2 ethernet cords, and a wireless router. Hook up one ethernet cord to the router and have the connection loop back to your computer. Bridge the connection of the satellite connection and the LAN connection going to the router. Name the router SSID 'free-wifi' or whatever and have people connect. Then all you have to do is ARP poison the router and watch the passwords roll in.
 
DarkStar02 said:
Don't quote me on this but this is my theory:

Go to an airport with a satellite internet connection, 2 LAN ports, 2 ethernet cords, and a wireless router. Hook up one ethernet cord to the router and have the connection loop back to your computer. Bridge the connection of the satellite connection and the LAN connection going to the router. Name the router SSID 'free-wifi' or whatever and have people connect. Then all you have to do is ARP poison the router and watch the passwords roll in.
Click to expand...
Or you can just be running Cain & Abel on your laptop and there would be no need for all the extra hardware to bring along... Just ARP poison the network by resolving the gateway IP.
 
I'm not entirely sure about this, but can't you tell the difference between an ad-hoc network and a "normal wifi connection"? (I believe the icons are different).
 
adri1456 said:
I'm not entirely sure about this, but can't you tell the difference between an ad-hoc network and a "normal wifi connection"? (I believe the icons are different).
Click to expand...

It depends on what you use to look for the networks. Netstumbler will for sure tell you the difference, Windows wireless network does too, not sure about each individual program though. I believe they do, but not sure. The majority of these people who are flying around are salesmen, as we all know, don't know that great deal of IT stuff. How do majority of viruses come into the network? I'll tell you this, it's not through the carefully configured firewalls ;)
 
adri1456 said:
I'm not entirely sure about this, but can't you tell the difference between an ad-hoc network and a "normal wifi connection"? (I believe the icons are different).
Click to expand...

A hacker can always carrya proper AP with them :)
 
You must log in or register to reply here.
Back
Top