Wifi Rogue Connection
Many users are under the misconception that leaving their smartphone WiFi switched ON only leads to a persistent battery drain. While this is not inaccurate, the truth is that there is another threat to be aware of. This is the threat of the ‘evil twin’.
Anyone who has used WiFi on a smartphone knows that once a network SSID (the name of the network itself) and other details have been entered, the device automatically connects to this network whenever it is in range. This makes one wonder what happens when there is no visible network in range when the WiFi is turned ON.
The smartphone sends and receives probing requests
Once the WiFi has been enabled on a device, it scans the airwaves for all available networks in the vicinity in two simultaneous ways. ‘Passive scanning’ occurs when the device listens for networks that broadcast themselves and ‘Active scanning’ occurs when the device actively probes for all networks that it has connected to in the past. This discovery process is carried out constantly until the device finds a network to connect to.
The dangers of probing requestsWhile this in itself is not a threatening scenario for users, the real issue here is that when the device probes for networks it actively broadcasts the various network SSIDs it prefers. An attacker can obtain this information easily and this reveals the unaware users’ preferred networks and other location sensitive data.
|WiFi Evil Twin wherein your device can be connect to a network without informing you, or without your permission.|
Advanced attackers can take this a step further and create a rogue connection, or an ‘evil twin’, which possesses the exact same SSID that the device is scanning for. Thus he can force the device to connect to his network and this enables him to intercept and transfer information with consummate ease. If you think this is extremely complex to achieve then you will be surprised to learn that all an attacker needs is a functional router and some freely available software to accomplish this.