Cybersecurity researchers have released a new tool called 'Snappy' that can help detect fake or rogue WiFi access points that attempts to steal data from unsuspecting people.
Attackers can create fake access points in supermarkets, coffee shops, and malls that impersonate real ones already established at the location. This is done to trick users into connecting to the rogue access points and relay sensitive data through the attackers' devices.
As the threat actors control the router, they can capture and analyze the transferred data by performing man-in-the-middle attacks.
Trustwave's security researcher and wireless/RF tech enthusiast
Tom Neaves explains that spoofing the MAC addresses and SSIDs of legitimate access points on open networks is trivial for determined attackers.
The devices of those who revisit the locations of open wireless networks they previously connected to will automatically attempt to reconnect to a saved access point, and their owners will be oblivious to the fact that they connecting to a malicious device.
