'Evil Twin' Haunts Wi-Fi Users

    Date20 Jan 2005
    Posted ByJoe Shakespeare
    An IT security expert, an academic and the U.K. government's cybercrime unit will give Londoners an introduction to the security dangers of wireless networking on Thursday—with the star of the show being an attack method dubbed the "Evil Twin."

    The Evil Twin is essentially a wireless version of a phishing scam—users think they're connecting to a genuine hot spot but are actually connecting to a malicious server, which can then extract information such as bank details. The attack can be carried out by anyone with the right equipment in the vicinity of a legitimate base station, according to Dr. Phil Nobles, wireless Internet and cybercrime expert at the U.K.'s Cranfield University.

    "The [malicious base station] jams the connection to a legitimate base station by sending a stronger signal within close proximity to the wireless client, thereby turning itself into an 'Evil Twin,'" Nobles said in a statement. Users are invited to connect via a fake log-in prompt, he said. Nobles will be demonstrating this and other attack methods at the Science Museum in London.

    The free event—which also includes presentations from the U.K.'s National High Tech Crime Unit and an IT security specialist—is designed to give the public some idea of the potential dangers they face when using public Wi-Fi hot spots. The U.K. has one of the highest concentrations of Wi-Fi hot spots in the world, with over 1,000 commercial hot spots in London alone. Overall, the U.K. has more than 9,300 hot spots, second only to the United States, with more than 22,000, according to online Wi-Fi guide Jiwire.com.

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    Which email threat are you most interested in learning more about?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"81","title":"Ransomware","votes":"3","type":"x","order":"1","pct":75,"resources":[]},{"id":"82","title":"Business email compromise ","votes":"1","type":"x","order":"2","pct":25,"resources":[]},{"id":"83","title":"Spam email","votes":"0","type":"x","order":"3","pct":0,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.