Australian Arrested for Evil Twin Wi-Fi Attack on Airplane

The Australian Federal Police have charged a man (whose name has not been disclosed) for carrying out Evil Twin Wi-Fi attacks on various domestic flights and in airports in Perth, Melbourne, and Adelaide. Using this method, he hijacked other people’s email accounts and collected login credentials for social networks.

The investigation began in April 2024 after employees of an unnamed airline reported a suspicious Wi-Fi network on one of their domestic flights. Law enforcement officers eventually detained the man, finding a “portable wireless access device, a laptop, and a mobile phone” in his carry-on luggage. After obtaining a warrant, police searched the 42-year-old suspect’s home, arrested him, and filed charges.

What Is an Evil Twin Attack?

An Evil Twin attack involves setting up a malicious or fake Wi-Fi access point that uses the same SSID as a legitimate network in a specific area. For example, many airlines offer in-flight Wi-Fi, requiring passengers to connect to the airline’s network. In this case, the perpetrator imitated the airline’s network by creating another network with the same SSID, which he fully controlled.

Typically, users trying to connect to such malicious access points are redirected to a fake login page or website, where they are asked to sign in using their email address, password, or other credentials.

Details of the Incident

According to reports, the arrested Australian used a portable device to create Wi-Fi access points that required users to log in with their email or social media accounts. Such fake networks were discovered in the airports of Perth, Melbourne, and Adelaide, as well as on several domestic flights and in locations connected to the suspect’s previous workplace.

The man collected these credentials and could have used them to access other confidential information, take over social media accounts, extort victims, or sell the data to other criminals.

Charges and Legal Consequences

The charges against the man relate to unauthorized access to other people’s devices and illegal access to personal information. Notably, none of the charges allege that the accused actually used the data he obtained. However, one of the charges includes “possession of data with the intent to commit a serious crime,” indicating that the suspect clearly knew how to use the collected data for criminal purposes.

The accused has been released on bail but is prohibited from certain online activities.

Police Recommendations for Public Wi-Fi Safety

Law enforcement officials remind the public that free Wi-Fi networks should not require you to log in with your email or social media accounts. They also recommend disabling file sharing, avoiding the use of important applications (such as banking apps) while on public networks, and manually removing connections after use to prevent devices from automatically reconnecting.

Interestingly, the Australian Federal Police also advised public Wi-Fi users to “install a reliable VPN on your devices to encrypt and protect your data while online.”