Evil twin (wireless networks)
An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications.[1] The evil twin is the wireless LAN equivalent of the phishing scam.
This type of attack may be used to steal the passwords of unsuspecting users, either by monitoring their connections or by phishing, which involves setting up a fraudulent web site and luring people there.[2]
Method
The attacker snoops on Internet traffic using a bogus
When users log into unsecured (non-
Fake access points are set up by configuring a wireless card to act as an access point (known as HostAP). They are hard to trace since they can be shut off instantly. The counterfeit access point may be given the same SSID and BSSID as a nearby Wi-Fi network. The evil twin can be configured to pass Internet traffic through to the legitimate access point while monitoring the victim's connection,[3] or it can simply say the system is temporarily unavailable after obtaining a username and password.[4][5][6][7]
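Because the counterfeit access point may copy both the SSID and the BSSID of a nearby network, a defender cannot rely on the network name alone. The following detection example is added here and is not part of the original article; it compares scan records against an inventory of the defender's own access points. The inventory, the record layout, the reason labels and all sample values are constructed assumptions.

```python
"""Flag beacons that reuse a known SSID/BSSID but do not match the AP inventory."""
from collections import defaultdict

# Assumed inventory of the defender's own access points (constructed values).
KNOWN_APS = {
    "CorpWiFi": {
        "02:00:00:aa:bb:01": {"channel": 6, "security": "WPA2-Enterprise"},
        "02:00:00:aa:bb:02": {"channel": 11, "security": "WPA2-Enterprise"},
    },
}

# Constructed scan records: (ssid, bssid, channel, security) as a sensor might report.
SAMPLE_SCAN = [
    ("CorpWiFi", "02:00:00:AA:BB:01", 6, "WPA2-Enterprise"),   # inventory AP
    ("CorpWiFi", "02:00:00:AA:BB:02", 11, "WPA2-Enterprise"),  # inventory AP
    ("CorpWiFi", "02:00:00:CC:DD:99", 1, "Open"),              # same SSID, unknown BSSID
    ("CorpWiFi", "02:00:00:AA:BB:01", 1, "Open"),              # SSID and BSSID both copied
    ("CoffeeShop", "02:00:00:11:22:33", 3, "Open"),            # unrelated network
]


def find_suspect_aps(scan, known=KNOWN_APS):
    """Return a set of (ssid, bssid, reason) findings for monitored SSIDs."""
    findings = set()
    channels_seen = defaultdict(set)
    for ssid, bssid, channel, security in scan:
        if ssid not in known:
            continue  # only networks in the inventory are checked
        bssid = bssid.lower()  # MAC comparison must be case-insensitive
        channels_seen[(ssid, bssid)].add(channel)
        expected = known[ssid].get(bssid)
        if expected is None:
            findings.add((ssid, bssid, "unknown-bssid"))
            continue
        if security != expected["security"]:
            findings.add((ssid, bssid, "security-mismatch"))
        if channel != expected["channel"]:
            findings.add((ssid, bssid, "channel-mismatch"))
    # A single radio normally beacons on one channel, so one BSSID seen on
    # two channels in the same scan suggests that the BSSID has been copied.
    for (ssid, bssid), channels in channels_seen.items():
        if len(channels) > 1:
            findings.add((ssid, bssid, "bssid-on-multiple-channels"))
    return findings


if __name__ == "__main__":
    for finding in sorted(find_suspect_aps(SAMPLE_SCAN)):
        print(finding)
```

A channel mismatch on its own is a weak signal where access points select channels automatically; a security mismatch or a BSSID seen on two channels at once is the stronger indicator.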
Using captive portals
One of the most commonly used attacks under evil twins is a captive portal. At first, the attacker would create a fake wireless access point that has a similar
See also
- KARMA attack, a variant on the evil twin attack
- Snarfing
- Wireless LAN Security
References
- Smith, Andrew D. (9 May 2007). "Strange Wi-Fi spots may harbor hackers: ID thieves may lurk behind a hot spot with a friendly name". The Dallas Morning News. Washington, DC: Knight Ridder Tribune Business News. p. 1. Retrieved 6 June 2007.
- ProQuest 249873579. A security firm used an evil twin as a test to obtain passwords from attendees at an RSA security conference.
- "Evil Twin with internet access via legitimate access point : Proof of concept". kalitutorials.net.
- Crossman, Craig (24 August 2005). "Computer Column". Washington, DC: Knight Ridder Tribune Business News.
- Kirk, Jeremy (April 25, 2007). "'Evil Twin' Hotspots Proliferate". Network World. IDG News Service.
- "'Evil twin' threat to Wi-Fi users". CNN. January 20, 2005.
- Biba, Erinwork (March 15, 2005). "Does Your Wi-Fi Hotspot Have an Evil Twin?". PC World. Archived from the original on August 20, 2008. Retrieved February 4, 2010.
External links
- "Jasager – Karma on The Fon". digininja.org. Rogue AP software.
- "Wifiphisher a tool for Evil Twin Attack". 29 May 2019.