Hackers infiltrated an IT exhibition last week and attacked delegates' computers with a new type of wireless attack.
Security experts attending the Wireless LAN Event in London last Wedesday found that anonymous hackers in the crowd had created a Web site that looked like a genuine log-in page for a Wi-Fi network, but which actually sent 45 random viruses to computers that accessed it.
"[This] gets very nasty as we've never seen it before," said Spencer Parker, a director of technical solutions at AirDefense. "It downloads 45 different randomly generated viruses, worms and keyloggers so antivirus software doesn't protect it. It doesn’t recognise the signatures."
Parker said that the hackers walked around the exhibition carrying a Linux-based laptop running software that turned it into a wireless access point. Initially, they labelled the hotspot "Free_Internet_Access", then "BTOpenzone" and then "T-Mobile".
Parker, whose computer was infected by the attack, believes that the Web site was up for half an hour.
The technique has evolved from an "evil twin" attack, where hackers host fake log-in Web sites at commercial Wi-Fi hotspots. This was originally used to lure people into typing in credit card details onto the Web page, so the hacker could steal them.
Parker said he saw a number of suspicious people asking "very advanced questions" at the event.
"I saw guys walking round with company badges and I knew they didn’t work for those firms. Hackers like to know what's going on," he said.
Organisers of the Wireless LAN event could not immediately be contacted for comment.
The registration process at Olympia Exhibition Halls required people to produce a business card as a form of identification. Pre-registration required no form of ID.
Talkback
How is it possible that hackers are always a step ahead of the security experts.
Experts should anticipate all the possible scenario's how to compromise a system.
This is an embarasment for all reputeable software houses that a hacker can create and penetrate security experts systems in matters of hours, where does that leave us.
Now our anti virus software has become wothless.
I sure hope that the security industry is scrambling to come up with an anti weapon.
Thanks
keep an eye on http://www.antiwiphishing.com we have the latest evil twin / wiphishing software and upto date news on this type of threat.
So these "professionals" are using IE on XP boxes that haven't been patched to SP2. I'm gonna take a wild swing and guess that the victims are mostly sales and business staff (you know, the gladhanding idiots who fill conference halls) rather than individuals involved in any kind of technical work
Don,
Do you mean that all those smart people at one of those meetings didn't just shut off all ports before traipsing into an unknown network? Sweet!
Of course, we are all sick of those half-assed hotel networks at conventions. But that just makes it more obvious that you have to be careful.
I certainly battened down the hatches before attending the session on "Hacking Ad Hoc Wireless Networks" at the DC Radisson in February. Nudge nudge, know what I mean?
Well
Maybe one day people wil stop using that which is unsafe and unwashed ie windBloZe how many more times does it have to be made plain that M$ Corp are an not to be trusted bunch of thieving reneagades that steal code from other people / companys claim it as there own and then lead the sheep into the crap heap you will learn one day .
As for outrigh blaming Linux for the failure of what was plainly an WindBloZe problem well i hope they got good lawyers thats all i can say cus unless you got the absolute outright proof be carefull in claims such as that
i have nothing to do with the attack but do not like WILD accusations about Linux that are unfounded after all it is an far superiour system from the ground up
The serious issue here is simply that some people do not have the patience to download and install all those patches. Or they simply don't think it matters.
I know people in the software industry itself who haven't patched their systems to SP2. Perhaps the real issue here is the things SP2 breaks rather than what it fixes.
One workable solution would be to have ISPs promote service patches, firewalls and visus scanners, perhaps even offer the send major updates out on CD. No one would ever trust an email from microsoft anymore, besides which it is the ISP who get effected the most by these issues.
Virus scanners update themselves, but unless you have SP2 already you may never actually get it to download automatically oon dialup or if you aren't online much.