Wi-Fi hack experiment : Avast hacks 2000 users at MWC 2016 to demonstrate the risks of free public Wi-Fi
We all know that using free public Wi-Fi is the riskiest aspect of Internet. Using free public Wi-Fi could land you in mega trouble if somebody hacks your computer using the vulnerabilities associated with it. Avast tried to demonstrate the MWC visitors just that by hacking their connections to the free public Wi-Fi given by Avast.
Avast revealed results of a Wi-Fi hack experiment conducted at the Barcelona Airport the weekend before the start of Mobile World Congress (MWC 2016) to demonstrate how at risk people really are on public WiFi. The experiment reveals that most users (visitors to MWC 2016) threw caution to the wind when looking for a public Wi-Fi connection, risking being spied on and hacked by cybercriminals.
For the experiment, Avast researchers set up Wi-Fi networks next to the Mobile World Congress registration booth at the Barcelona Airport. The Wi-Fi network names were “Starbucks”, “Airport_Free_Wifi_AENA“ and “MWC Free WiFi” — Wi-Fi names (SSIDs) that are either commonplace or that look like they were set up for the congress visitors.
As we all know, today’s smartphones are often set to connect to known SSIDs automatically. This generally leads users to either trust or overlook the networks they are connecting to. While convenient for many, this feature bears the risk of being spied on by cybercriminals who set up a false Wi-Fi network with a common SSID. Moreover, with any Wi-Fi network that does not request a password, the Web traffic can be visible to anyone. To mitigate these risks, simple Wi-Fi monitoring tools are available for free online.
In just 4 hours, Avast saw more than 8 million data packets from more than 2,000 users. To protect people’s privacy, the researchers scanned the data, but did not store it. Avast learned the following about the Mobile World Congress visitors:
- 50.1 percent had an Apple device, 43.4 percent had an Android device, 6.5 percent had an Windows Phone device
- 61.7 percent searched information on Google or checked their emails on Gmail
- 14.9 percent visited Yahoo
- 2 percent visited Spotify
- 52.3 percent have the Facebook app installed, 2.4 percent have the Twitter app installed
- 1 percent used dating apps (Tinder or Badoo)
- From 63.5 percent Avast could see the identity of the device and user
“Many individuals recognize that surfing over open Wi-Fi isn’t secure. However, some of these same people aren’t aware that their device might automatically connect to a Wi-Fi network unless they adjust their settings,” said Gagan Singh, president of mobile at Avast. “With most Mobile World Congress visitors traveling from abroad, it’s not surprising to see that many opt to connect to free Wi-Fi in order to save money, instead of using data roaming services. When taking this route, people should utilize a VPN service that anonymizes their data while connecting to public hotspots to ensure that their connection is secure.”
It would be advisable for users to heed Singh’s warning and never use free public Wi-Fi for making financial transactions or using personal identifiable information on such networks.