Evil twin

from Wikipedia, the free encyclopedia
Атака злой двойник.jpg

A EvilTwin (dt. "Evil twin") in the wireless network technology is placed fraudulently Wi-Fi -Zugriffspunkt, which is about based on the known SSID appears trustworthy -Namens, but actually secretly overhears the wireless traffic. The Evil Twin in wireless LAN is similar to a phishing attack.

This attack method can be used to steal confidential information such as passwords from inexperienced users. This is done either by monitoring the connections or directly by phishing , which includes setting up a fraudulent website and misleading the user, for example by means of a registration mask copied from a known website.

method

The attacker recorded the data traffic with the Internet with the help of the faked access point. Ignorant users may be instructed to log into the attacker's server in order to obtain confidential information such as username and password . Users often do not know they have been scammed long after the incident occurred.

As soon as a log-in takes place on a portal that is not secured by https , the attacker interrupts the transmission through the hardware and software used and can therefore read the access data unencrypted. The attacker could also connect to other networks connected with the users' credentials.

Fake access points, so-called rogue APs, are set up as access points using a WLAN device or software. They are hard to find as these can be turned off quickly. The fake access point can be assigned the same SSID as a known, nearby Wi-Fi network. The Evil Twin can be configured to route internet traffic to the legitimate access point while monitoring the victim's connection. It can simply be specified that the system will be temporarily unavailable after receiving a username and password.

See also

Web links

Individual evidence

  1. Franz Fanter: Evil Twins - Fraud with fake WLAN spots. Norddeutscher Rundfunk, July 7, 2016, accessed on January 9, 2019 .