Security experts attending the Wireless LAN Event in London last Wedesday found that anonymous hackers in the crowd had created a Web site that looked like a genuine log-in page for a Wi-Fi network, but which actually sent 45 random viruses to computers that accessed it.
"[This] gets very nasty as we've never seen it before," said Spencer Parker, a director of technical solutions at AirDefense. "It downloads 45 different randomly generated viruses, worms and keyloggers so antivirus software doesn't protect it. It doesn't recognise the signatures."
Parker said that the hackers walked around the exhibition carrying a Linux-based laptop running software that turned it into a wireless access point. Initially, they labelled the hotspot "Free_Internet_Access", then "BTOpenzone" and then "T-Mobile".
Parker, whose computer was infected by the attack, believes that the Web site was up for half an hour.
The technique has evolved from an "evil twin" attack, where hackers host fake log-in Web sites at commercial Wi-Fi hotspots. This was originally used to lure people into typing in credit card details onto the Web page, so the hacker could steal them.
Parker said he saw a number of suspicious people asking "very advanced questions" at the event.
"I saw guys walking round with company badges and I knew they didn't work for those firms. Hackers like to know what's going on," he said.
Organisers of the Wireless LAN event could not immediately be contacted for comment.
The registration process at Olympia Exhibition Halls required people to produce a business card as a form of identification. Pre-registration required no form of ID.
ZDNet UK's Dan Ilett reported from London. For more coverage from ZDNet UK, click here.
I know exactly why those hackers operated those WiFi laptops. It was simply to prove with that whoever arranged the conference did not have a clue about security. Microsofts WiFi solutions leak like a sieve. By the way, you don't have to be hacker or specially well educated IT-professional in order to do the exact same thing anywere in London city for that matter.
As long as naive IT-executives don't understand the basics of security their systems will be completely transparent. The very reason the hackers used Linux operating systems, is obvious!
Who want's to be hacked while hacking?
Please! Continue to use Windows and other Microsoft products, so we know what you are up to.
Your laptops are wide open to anybody to read and even watch the porn downloaded into those executives laptops hahaaahhaaa!