A large number of the wireless Internet connections in Brazil are exposed to man-in-the-middle (MitM) attacks because they're not secured properly, a researcher has warned.
André Luis Pereira dos Santos conducted experiments to determine how difficult it would be for an attacker to hijack Wi-Fi connections and capture users' data. The problem, according to the expert, is that the routers provided by many Brazilian Internet service providers (ISPs) to customers use MAC address authentication, instead of wireless security protocols like WEP or WPA.
A report provided by the researcher to SecurityWeek shows that three main elements have been used in the experiments: a DD-WRT wireless access point (AP), a high-gain omnidirectional antenna, and a physical or virtual server with proxy/MitM software installed on it.
By configuring the AP with the same service set identification (SSID) and basic service set identification (BSSID) as the targeted AP, an attacker can intercept both SSL and non-SSL traffic within the antenna's range by using open-source proxy software such as mitmproxy. As an evasion tactic, the attacker can drive around in a car while capturing data, Pereira dos Santos noted.