As I was sitting in a hotel lobby recently while waiting for a business colleague, I observed something very familiar connected to a man's laptop commonly known as a Wi-Fi Pineapple.
The Wi-Fi Pineapple is a hacking device that allows an attacker to launch a "Man in the Middle" or MiTM attack by inspecting the data flow between the victim and any resources he accesses on the web via a Wi-Fi connection.
This small box equips the hacker with a versatile surveillance and information-gathering tool.
From a surveillance perspective, it will reveal the names of all the Wi-Fi networks the victim connected to on the highway, in hotels, and airports. The victim's computer will cycle through all of the network identities (names) it has previously used. The captured information is then sent in the clear and can be captured by the Wi-Fi Pineapple. The same applies to smartphones, tablets and laptop PCs.
All of the network names to which it had previously connected are disclosed over a few minutes. This information could be used to establish a profile of the device owner–where he lives, works, phone contacts, personal email addresses and more.
So the question becomes: "What is the best protection?" The answers are simple.
- Shut-off the Wi-Fi on your portable device and only use Wi-Fi in secure environments only. If Wi-Fi isn't enabled, then there's no privacy or security risk.
- Do not connect to a Wireless Network without your computer's firewall activated.
- When you are not using the connection then disconnect it. Never leave it open in the background.
- When at the airport waiting for a flight and you see an SSID named "Free Airport Wi-Fi", DON'T OPEN IT!
The hacking device is about the size of a cigarette packet and is also available with only one antenna.
Sunset Blvd. Investigations, Inc. is always watching out for you. Please feel free to call us with your concerns. SBI is there for you!
NOTE: SBI does not promote any product that is referenced in this blog.