Airplane WiFi clone used to steal passengers’ data

A West Australian man is suspected of using his hand luggage to mimic legitimate networks in an attempt to steal travelers’ personal details.

The Australian Federal Police (AFP) charged the man for harvesting fliers’ data on at least one commercial flight. According to the authorities, the investigation was launched after an airline reported concerns about a “suspicious WiFi network identified by its employees during a domestic flight.”

AFP investigators searched a 42-year-old’s luggage and seized several devices and discovered personal credentials of other people along with fraudulent WiFi pages.

“Investigators searched the man’s baggage when he returned to Perth Airport on a flight from interstate on April 19th, 2024, and seized a portable wireless access device, a laptop, and a mobile phone from his hand luggage. They also searched his Palmyra home,” the AFP said.

The police allege that the man created ‘evil twin’ free WiFi networks to coax unsuspecting victims into connecting. Meanwhile, users would connect to the networks, thinking they were using a legitimate service.

“The AFP alleges that when people tried to connect their devices to the free WiFi networks, they were taken to a fake webpage requiring them to sign in using their email or social media logins. Those details were then allegedly saved to the man’s devices,” the AFP said.

Authorities believe email and password details harvested in such attacks could be used to gain unauthorized access to users’ personal accounts. For example, attackers could take over communications, view stored images, and access bank details.