A 42-year-old Australian has been charged by the Australian Federal Police (AFP) with allegedly carrying out ‘evil twin’ Wi-Fi attacks on domestic flights and at airports in Perth, Melbourne and Adelaide.
The man is accused of creating fake Wi-Fi access points to steal email and social media data from unsuspecting travelers.
The AFP launched an investigation in April 2024 after airline employees reported suspicious Wi-Fi networks during a flight. The man was later arrested after a search of his luggage and home found a portable wireless access device, a laptop and a mobile phone.
Talk about a flight risk
An “evil twin” attack involves setting up a fake wireless access point with the same SSID as a legitimate network, making it difficult for unsuspecting victims to distinguish which one is legitimate. Those who connect to the malicious network may be redirected to a fake login page, where they are asked to enter their credentials, which can be used to access sensitive data, hijack accounts, or be sold to other cybercriminals.
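A defender-side check for the condition described above, as an added example that is not part of the original article: it flags access points that advertise a known SSID but do not match the operator's inventory. The scan rows, the SSIDs and the `KNOWN_APS` allowlist are constructed sample values, and the function name is hypothetical.

```python
from collections import defaultdict

# Constructed sample scan results (not real data): SSID, BSSID, security, signal in dBm.
SCAN = [
    ("Airport_Free_WiFi", "00:11:22:aa:bb:01", "WPA2", -62),
    ("Airport_Free_WiFi", "00:11:22:aa:bb:02", "WPA2", -70),
    ("Airport_Free_WiFi", "de:ad:be:ef:00:01", "OPEN", -38),
    ("CoffeeShop", "00:33:44:cc:dd:01", "WPA2", -55),
]

# Hypothetical allowlist: BSSIDs the network operator has published for each SSID.
KNOWN_APS = {
    "Airport_Free_WiFi": {"00:11:22:aa:bb:01", "00:11:22:aa:bb:02"},
    "CoffeeShop": {"00:33:44:cc:dd:01"},
}

def find_suspect_aps(scan, known_aps):
    """Return findings for APs that reuse a known SSID but are not in the inventory."""
    by_ssid = defaultdict(list)
    for ssid, bssid, security, signal in scan:
        by_ssid[ssid].append((bssid.lower(), security, signal))

    findings = []
    for ssid, aps in by_ssid.items():
        allowed = known_aps.get(ssid)
        if allowed is None:
            continue  # no inventory for this SSID, nothing to compare against
        # Security modes seen on the APs that are in the inventory.
        expected_security = {sec for b, sec, _ in aps if b in allowed}
        for bssid, security, signal in aps:
            if bssid in allowed:
                continue
            reasons = ["BSSID not in operator inventory"]
            if expected_security and security not in expected_security:
                reasons.append(f"security {security} differs from {sorted(expected_security)}")
            findings.append({"ssid": ssid, "bssid": bssid, "signal": signal, "reasons": reasons})
    return findings

if __name__ == "__main__":
    for finding in find_suspect_aps(SCAN, KNOWN_APS):
        print(finding)
```

A BSSID can itself be copied, so a match against the inventory is a filter, not proof that an access point is genuine.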
The AFP stated: “The analysis is still ongoing to determine the extent of the alleged violation.”
AFP Western Command Cybercrime Detective Inspector Andrea Coleman advised travellers to install a reliable VPN on their devices to encrypt and protect their data when using the internet. Coleman added that legitimate free Wi-Fi networks should not require any personal details.
The man faces multiple charges, including unlawful obstruction of electronic communications, possession of data with intent to commit a serious crime, unauthorized access to or alteration of confidential data, and trading in personal financial information. The most serious charge carries a maximum sentence of 10 years in prison.
While this type of attack is regularly performed in labs, it is rarely seen in the wild. Its execution earlier this year could indicate a growing interest in this type of attack, highlighting another vector that citizens should be aware of.