Nowadays Wifi enabled devices are most used as they are reliable and faster but ever you wondered you can be hacked and how easy it is to hack people in public.
Interesting facts demonstrated by one of the renowned hackers, Jayson Street, who said all it is needed is to walk around with the right device to get into someone’s device.
Let’s jump into the video showing that how easy it is to hack smartphone and laptop in public places by setting up EvilAP (malicious access point).
What Is EvilAP?
Ability to create a rogue access point.
Jayson Street used a simple penetration testing device and an internet connection to pwn people around him.
Evil Twin Attack is used by hackers to fools wireless users into connecting their devices to an evil hotspot by showing it as a Legitimate WiFi provider.
Once the user is connected, all the user’s information transfers through attacker’s device allowing attackers to steal sensitive data like passwords, network traffic, cookies and can redirect you to malware and phishing sites.
How to become safe from EvilAp or Evil Twin Attack?
Internet of Evil Things, providing insight on products that the IT professionals on many of the connected device concerns that we tracked in the 2016 IoET, released its yearly industry report by Pwnie Express.
1)Turn your WiFi Off – Turn your Wi-Fi off when you are not using it, It limits the exposure to hackers, saves power. In Smartphone, a feature called as Improve Location Accuracy, Apps and services may scan for Wifi network even when the Wi-fi is Turned off.
This feature should be turned off as it may connect automatically to an EvilAP set up by an attacker.
2) Change your passwords – Do change your passwords regularly and set up a strong, secure password and don’t use the default credentials.
3) Enforce HTTPs – Simply put, HTTPs (SSL) connections are more secure than open HTTP connections and bring added protection to sessions.
4) Validate connections – Many public hotspots have multiple networks and knowing which one to connect can make your session secure.
5) Use a VPN – Many organisation still leave some application un-encrypted, so the simple solution is to use VPN connection to access the resources.
Here are the 5 steps to protect you from EvilAPattack. Do you have any idea or tip to prevent EvilAP or something I am missed? Share your idea and tips with us in comments.