Evil Twin, the hacker attack that mimics public networks

Summer brings with it heat waves but also new hacker attacks, designed to take advantage of the less attention of victims at this time of year. Among these, one of the most used, and with the highest percentage of engagement, is called Evil Twin: it is a hacker attack which induces users to connect to a fake Wi-Fi access point since it mimics a legitimate network. Let’s find out the details together.

Here is Evil Twin, the hacker attack that mimics public networks

Massimo GrandessoManaged Detection & Response BL Manager di Innovery, explains specifically what these Evil Twin attacks are. Grandesso stated:

Evil Twin attacks get their name from their ability to mimic legitimate Wi-Fi networks, such as that of a coffee shop, airport, public park, and are nearly impossible to identify. Once the user connects to the malicious network he will find himself completely at the mercy of the criminal, who will have access to all the pages on which the victim will browse.

If from an illegitimate network, for example, we were to access our bank account, or work network, all this data could easily be hacked, including company credentials. This type of attack is not limited to just computers but any tool that connects to the wireless network, such as mobile phones and tablets, is vulnerable.

This means that public WiFi networks e hotspot they may be the new preferential attack vector for cybercriminals. Evil Twin bindings are simple to make, and don’t require particularly sophisticated technical skills. It also appears that this type of attack has a high success rate.

A hacker simply has to search for a known location with free WiFi, take note of the SSIDe set up a new account with the same name. As with legitimate networks, the hacker will set up a page “captive portal”where the user enters a password the altar basic information to access the network.

Once the bogus login page setup is done, the hacker can bring your device closer o router to potential victims to create a stronger signal. By doing so, he will be able to convince the victims to choose your network than weaker ones, and force some devices to connect automatically. Unfortunately, it’s nearly impossible to distinguish between a legitimate and a fake captive portal page.

Prevention is better than cure

It is very difficult to detect this type of attack; however, you can pay attention to what you do and therefore try to safeguard yourself. We report them below.

• Avoid unsecured Wi-Fi hotspots;
• Use a VPN to protect traffic: a VPN can help protect against an Evil Twin attack by encrypting data before a hacker sees it;
• Stick to HTTPS websites: When using a public network, make sure you only visit HTTPS websites, which offer a crittografia end-to-end;
• Use two-factor authentication: Adding two-factor authentication to your private accounts is a great way to prevent hackers from accessing them.