Flying Drone Hacks

philz1982philz1982 Member Posts: 978
Interesting approach and article. Flying drone, scans for your wireless traffic and then spoofs hotspot to hijack data.

This drone can steal what's on your phone - Mar. 20, 2014

Comments

  • Cert PoorCert Poor Member Posts: 240 ■■■□□□□□□□
    Wouldn't the evil twin access point only be able to target those who sent out probe requests for open WiFi networks? So any WPA/WPA2 network handshake would fail I would think.
    In progress: MTA: Database Fundamentals (98-364)
    Next up: CompTIA Cloud Essentials+ (CLO-002) or LPI Linux Essentials (010-160)
    Earned: CompTIA A+, Net+, Sec+, Server+, Proj+
    ITIL-F v3 2011 | ServiceNow CSA, CAD, CIS | CWNP CWTS
  • philz1982philz1982 Member Posts: 978
    Your assuming that the wifi networks that the drones are emulating are even using encryption. When I sit down in the airport I amazed how many non- encrypted Hot Spots pop up...
  • [Deleted User][Deleted User] Senior Member Posts: 0 ■■□□□□□□□□
    This makes you want to go back to the old fashion flip phone. What I always loved was even when I had my old flip phone and I would receive SMS Trojan text messages even though my phone did not have internet capabilities.
  • Cert PoorCert Poor Member Posts: 240 ■■■□□□□□□□
    philz1982 wrote: »
    Your assuming that the wifi networks that the drones are emulating are even using encryption. When I sit down in the airport I amazed how many non- encrypted Hot Spots pop up...

    Nah, I wasn't assuming. I know it's easy as cake to impersonate an unencrypted open access point like Starbucks, Panera, etc, and this Snoopy tool (among other tools) could easily set up a MITM and evil twin attack.

    I just wanted to know if those of us who don't have any open wireless networks saved on our phones are safe from these attacks. I only have a few home and business networks saved, so I presume the 4-way WPA2-Personal handshake would fail with a drone since it doesn't know the passphrase.

    Regardless, I do still think both Google and Apple need to patch Android OS and iOS so that smartphones and tablets do NOT send out probe requests (active scan) and merely rely on beacons (passive scan) sent by access points. That would really be a step in the right direction for mobile privacy.

    Windows and Mac OS X have already disabled probe requests from being sent out (except for hidden SSID networks), making our laptops safe. It's about time our mobile devices follow suit.
    In progress: MTA: Database Fundamentals (98-364)
    Next up: CompTIA Cloud Essentials+ (CLO-002) or LPI Linux Essentials (010-160)
    Earned: CompTIA A+, Net+, Sec+, Server+, Proj+
    ITIL-F v3 2011 | ServiceNow CSA, CAD, CIS | CWNP CWTS
  • philz1982philz1982 Member Posts: 978
    Heard from a friend of mine that there are actual attacks where you can set a pre-paid cell phone that will contact to a wifi hotspot and you can then remote into the phone via a proxy and conduct attacks. Kind of like the USB key drop but active instead of passive.

    Also, you can send stuff via the airwaves from your speakers and if a computer's mic is listening it will allow the hack to pass right through. I don't understand how that could work, and my friend couldn't go into details on it. Anyone else heard of this one?

    -Phil
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    Meh, this is just CNN looking for clicks. Using words like "drone" and associating it to data theft of mobile devices will get them exactly what they want.

    In reality none of this is new or particularly interesting.
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    Regarding your questions about bridging the air gap between systems that are not networked together, you should take a look at 'BadBIOS' malware. Its existence in the wild has been questioned, but one security researcher claims to have discovered it on his own systems.

    I have no idea why TrendMicro decided to publish this recycled information last Friday, but here is a "new" writeup describing at a high-level what you were talking about earlier. BadBIOS itself has been discussed for months now:

    Trend Micro Simply SecuritybadBIOS
Sign In or Register to comment.