pineapple attack

Wifi Pineapple Can Steal User Data

Who would have thought that something called a Pineapple might be able to steal user data?! Don’t be fooled by the innocent name as this device absorbs everything from your laptop or smartphone. 

The first Pineapple was released in 2008 by Hak5, a company that creates tools for penetration testers to use in order to expose vulnerabilities within their company.

The Pineapple works similarly to a WiFi access point, with multiple radios to interface with hundreds of devices at once. This allows for the execution of complicated network attacks.

“When I invented the Wi-Fi Pineapple, I saw that Wi-Fi had inherent flaws that made it vulnerable to spoofing attacks,” said Darren Kitchen, the founder of Hak5. “A lot of nefarious types had already taken advantage of these weaknesses, but the majority of people weren’t aware of the problem. I figured if information security people had access to a device that could easily exploit these flaws, it would raise awareness and get things fixed.”

The Pineapple in the hands of hackers can collect sensitive, personal information from unsuspecting users on public WiFi networks.  Hackers can obtain passwords used by people who use their Pineapple network while thinking they are on public WiFi.

These devices are quite small, they can easily be hidden from plain sight.  There are even smaller compact ones called Pineapple Nano, which fits into the USB port of your computer.

As a person connects to the Pineapple’s WiFi connection, it broadcasts all browsing traffic to the owner of the Pineapple.  The only exception to this is if the user is using a Virtual Private Network (VPN) to encrypt their web traffic or if the user is visiting pages secured by Secure Hypertext Transfer Protocol (HTTPS).  Pages with HTTPS prevent eavesdroppers from viewing what websites a user visits as well as protect their web habits.

Original Article Found Here.

  • 72