A 42-year-old Australian man has been charged by the Australian Federal Police (AFP) for allegedly conducting ‘evil twin’ Wi-Fi attacks on domestic flights and at airports in Perth, Melbourne and Adelaide.
The man has been accused of creating fake Wi-Fi access points to steal email and social media credentials from unsuspecting travellers.
The AFP started investigating in April 2024 after airline employees reported suspicious Wi-Fi networks during a flight. The man was later arrested following searches of his baggage and home, which uncovered a portable wireless access device, a laptop and a mobile phone.
Talk about a flight risk
An ‘evil twin’ attack involves setting up a fake wireless access point with the same SSID as a legitimate network, making it hard for unsuspecting victims to distinguish which is legitimate. Those who connect to the malicious network may be redirected to a fake login page, prompting them to enter their credentials, which can be used to access sensitive data, hijack accounts or be sold to other cybercriminals.
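To show what a defender can look for, here is an added example (not part of the original article or of any AFP material) that checks Wi-Fi scan results for one SSID being advertised inconsistently. The record fields, sample networks and the optional operator allowlist are constructed assumptions, and the checks are heuristics only, since a BSSID can be forged.

```python
from collections import defaultdict

# Constructed scan records (not from the article); field names are assumptions.
SCAN = [
    {"ssid": "Airline-WiFi", "bssid": "00:11:22:aa:00:01", "security": "WPA2"},
    {"ssid": "Airline-WiFi", "bssid": "00:11:22:aa:00:02", "security": "WPA2"},
    {"ssid": "Airline-WiFi", "bssid": "de:ad:be:ef:00:01", "security": "OPEN"},
    {"ssid": "Lounge-Guest", "bssid": "00:11:22:bb:00:01", "security": "OPEN"},
    {"ssid": "Lounge-Guest", "bssid": "00:11:22:bb:00:02", "security": "OPEN"},
]

def oui(bssid):
    """Vendor prefix: first three octets of the BSSID, normalised."""
    return bssid.lower().replace("-", ":")[:8]

def find_suspect_twins(scan, allowlist=None):
    """Map each SSID to the reasons its beacons look inconsistent.

    allowlist: optional {ssid: set of known-good BSSIDs} kept by the operator.
    """
    by_ssid = defaultdict(list)
    for ap in scan:
        by_ssid[ap["ssid"]].append(ap)

    findings = {}
    for ssid, aps in by_ssid.items():
        reasons = []
        # A legitimate deployment normally uses one security mode per SSID.
        if len({ap["security"] for ap in aps}) > 1:
            reasons.append("mixed security settings")
        # Access points of one network usually come from one vendor.
        if len({oui(ap["bssid"]) for ap in aps}) > 1:
            reasons.append("multiple vendor prefixes")
        if allowlist and ssid in allowlist:
            known = {b.lower() for b in allowlist[ssid]}
            seen = (ap["bssid"].lower() for ap in aps)
            unknown = sorted(b for b in seen if b not in known)
            if unknown:
                reasons.append("unlisted BSSID: " + ", ".join(unknown))
        if reasons:
            findings[ssid] = reasons
    return findings

if __name__ == "__main__":
    for ssid, reasons in find_suspect_twins(SCAN).items():
        print(ssid, "->", "; ".join(reasons))
```

A network that passes these checks is not proven legitimate; the output is a prompt for an operator to investigate, not a verdict.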
The AFP stated: “The analysis is ongoing to determine the extent of the alleged offending.”
AFP Western Command Cybercrime Detective Inspector Andrea Coleman advised travellers to install a reputable VPN on their devices to encrypt and secure their data when using the internet. Coleman added that legitimate free Wi-Fi networks shouldn’t require any personal details.
The man faces several charges, including unauthorized impairment of electronic communication, possession of data with intent to commit a serious offense, unauthorized access or modification of restricted data, and dealing in personal financial information, with the heaviest carrying a maximum penalty of 10 years in prison.
Though this type of attack is regularly carried out in labs, it’s rarely observed in the wild. Its execution earlier this year could signify growing interest in this type of attack, highlighting yet another vector that citizens should be aware of.