Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

SXSW: 'Hot-spot honeypot' hacker's heaven

From: InfoSec News <alerts () infosecnews org>
Date: Mon, 12 Mar 2012 03:09:19 -0500 (CDT)
http://news.cnet.com/8301-27080_3-57394887-245/sxsw-hot-spot-honeypot-hackers-heaven/

By Elinor Mills
InSecurity
CNET News
March 10, 2012
AUSTIN, Texas -- Some funny things were happening at the South by Southwest conference here today. My virtual private network connection kept getting disabled, and even stranger, on a friend's laptop a window popped up showing an animated cartoon cat flying through the air with a rainbow in its wake.
The image, known as Nyan Cat after a popular 2011 Internet meme, immediately alarmed me because it was used by the hacker group LulzSec on at least one occasion. I joked about being hacked, and my friend quickly turned off his laptop.
A few minutes later we found the culprit around the corner standing in a Starbucks line: Darren Kitchen, founder of the Hak5 show, who had just given a talk about security at the conference. In his session he demonstrated for the audience how easy it can be to intercept unsecured Wi-Fi connections with a special router and custom software he wrote that he calls the WiFi Pineapple. His talk was appropriately titled "Securing Your Information in a Target Rich Environment." During the demo, audience members who were surfing the Web were surprised when the silly music that plays during the Nyan Cat video blared out of their laptops.
Thousands of SXSW attendees with lots of social-media moxie but little to no security savvy were easy prey for a hacker like Kitchen. The interface he was using on his Galaxy Note smartphone showed a long list of BlackBerrys, iPhones, Androids, and laptops that thought they were connecting to the hotel or Starbucks Wi-Fi (which uses the name "attwifi"), but were actually being tricked by Kitchen's WiFi Pineapple. "Nobody has any sense of security here," he said, scrolling through the list of devices connected to his Wi-Fi router. 

[...]


______________________________________________________________________________
Learn how to be a Pen Tester or a CISSP with Expanding Security online. Get
a free class invitation and see how good and fun the program really is.
http://www.expandingsecurity.com/PainPill
Previous By Date Next
Previous By Thread Next

Current thread: