To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/malware/0,3800003100,39129840,00.htm


Hackers attack IT conference
Revenge of the evil twin

By Dan Ilett

Published: Monday 25 April 2005

Hackers infiltrated an IT exhibition last week and attacked delegates' computers with a new type of wireless attack.

Security experts attending the Wireless LAN Event in London last Wedesday found that anonymous hackers in the crowd had created a website that looked like a genuine log-in page for a Wi-Fi network, but which actually sent 45 random viruses to computers that accessed it.

"[This] gets very nasty as we've never seen it before," said Spencer Parker, a director of technical solutions at AirDefense. "It downloads 45 different randomly generated viruses, worms and keyloggers so antivirus software doesn't protect it. It doesn’t recognise the signatures."

Parker said that the hackers walked around the exhibition carrying a Linux-based laptop running software that turned it into a wireless access point. Initially, they labelled the hotspot "Free_Internet_Access", then "BTOpenzone" and then "T-Mobile".

Parker, whose computer was infected by the attack, believes that the website was up for half an hour.

The technique has evolved from an "evil twin" attack, where hackers host fake log-in websites at commercial Wi-Fi hotspots. This was originally used to lure people into typing in credit card details onto the web page, so the hacker could steal them.

Parker said he saw a number of suspicious people asking "very advanced questions" at the event.

"I saw guys walking round with company badges and I knew they didn’t work for those firms. Hackers like to know what's going on," he said.

Organisers of the Wireless LAN event could not immediately be contacted for comment.

The registration process at Olympia Exhibition Halls required people to produce a business card as a form of identification. Pre-registration required no form of ID.

Dan Illet writes for ZDNet UK


Quick Sitemap Links: