Hotel WiFi Password Hacking is Very Easy, But Also Easy to Prevent

We are back in vacation season again and you are out and about a lot. That exposes your phone to public WIFI networks. It is very easy for someone to steal your valuable information by a simple hack available to most tech oriented users with just a laptop sitting by a pool or a hotel lobby.

As a mobile healthcare app developer for doctors and clinical users, we are always looking ways to ensure the security of your data and share any tips to help you take part of your own mobile security.

On this blog, I will share with you how stealing your passwords can be done so easily by actually explaining how it is done with just a mobile phone, a laptop and a free app.  The purpose of my blog is to educate you and show you how you can also easily prevent getting you and your family trapped into this by actually explaining how this magic is designed.

How It Is Done

Let’s say you stopped by at “Hotel Mocha” to get some coffee and check your social media. Let's say, it offers “Hotel Mocha Guest” as the official access point. The potential intruder sitting in the same cafe does the following;

1.    Create the Same access point ID on his mobile Hot Spot with the same “Hotel Mocha Guest” or create another confusing "Hotel Mocha Free" and wait for the unsuspected victim to connect to his. You would see two "Hotel Mocha Guest" on your WiFI list but don't know which is the right one. 

2.    He has already installed a publicly available software called BetterCap on his laptop and connected to his hot spot and running BetterCap. Please note that BetterCap is a legitimate IT Administration and security tool, and it is used to fend off hackers on the network, but the same capabilities can be used by hackers. 

3.    BetterCap captures victims’ IP addresses accessing through his fake hot spot. With a few commands he can redirect victims address through BetterCap HTTPS proxy.  This is so easily done (instructions) just about anyone understanding the basic Unix system admin skills can do this. 

4.    The victim’s traffic is presented in plain HTTP (no encryption what so ever) and the BetterCap proxy converts the traffic back to HTTPS. Our hacker sees everything you typed in to your browser. For websites, it looks like coming from the user’s computer. This is called MIM (Man in the Middle) attack. Very commonly used from a parked van across from people’s homes, at airports or even within a cabin of an aircraft.

How Man in the Middle Attack is Done

Prevention

1.    Most important. Be suspicious of multiple or duplicate confusing WIFI access point names shown in your WIFI list, like “Hotel Mocha Guest” twice in a row, “Hotel Mocha Free WIFI”, “Hotel Mocha Lobby” or just “Free WIFI”. If your hotel requires a room number and the last name, try typing in random password to test it. If it does not fail, they captured a bait and you just saved yourself a grief.

2.    Always watch your address bar and it is showing “Secure” or “Green” icon. If this turns into non-secure plain HTTP, be suspicious. Today, most commercial sites use HTTPS. 

3.    For important and popular sites, always use 2-Factor authentication. Google, Facebook, Twitter and almost all financial sites all support this. This will require your phone to confirm a login and a second code (don’t get the code via Email though as that’s captured).

4.    Use your own cellular data plans for important access like financial sites or work sites if you can.

A Bit of Our Own Pitch

If you are texting or taking photos/videos and sharing that with your clinical colleagues, our app can help you protect your communications further by:

  • Allowing you to use Google two-factor authentications.

  • Separating your PHI containing information away from your own photo albums and text message rosters.

Please find out more about WinguMD BodyMapSnap on our home page and try it free.