Daily London
A 44-year-old man has been jailed for creating fake “evil twin” WiFi networks at multiple Australian airports.
He was also convicted of hacking into women’s online accounts to steal intimate material.
The man used a portable wireless access device, known as a WiFi Pineapple, to listen for requests of people trying to join networks at Perth, Melbourne and Adelaide airports as well as on domestic flights.
When detecting a request, the WiFi Pineapple instantly created a matching network with the same name, tricking a device that it was a trusted network.
The device would then connect automatically.
The network took unsuspecting people to a webpage where they were prompted to log on using an email or social media account.
That data was then saved on the man’s device.
The man then illegally accessed social media and other accounts linked to women to monitor communication and steal private and intimate images and videos.
The AFP was alerted in April 2024 after an airline reported staff had found a suspicious WiFi network which mimicked a legitimate one point on a domestic flight.
Investigators searched the man’s hand luggage when he arrived at Perth Airport from interstate.
A portable wireless access device, laptop and mobile phone were seized.
A search warrant was executed at a home in Perth’s Palmyra.
Forensic analysis identified thousands of intimate images and videos, personal credentials , and records of fraudulent WiFi pages.
The day after the search warrant, the man deleted 1752 items from his account on a data storage application and unsuccessfully tried to remotely wipe his mobile phone.
Later that month the man used a computer software tool to access his employer’s laptop to access confidential online meetings between his employer and the AFP regarding the investigation.
AFP Commander Renee Colley said the AFP remained “committed to the identification of cybercriminals who used sophisticated technology”.
“Cybercrime is a growing global threat, and our investigators are relentless in tracking down criminals who attempt to exploit digital anonymity to attack our community,” Commander Colley said.
“The AFP’s message to the community is to please be vigilant when connecting to any kind of free WiFi network, especially at public places such as airports.
“A network that requests your personal details – such as an email or social media account – should be avoided.
“If you do want to use public WiFi, ensure your devices are equipped with a reputable virtual private network (VPN) to encrypt and secure your data. Disable file sharing, don’t use things like online banking while connected to public WiFi and, once you disconnect, change your device settings to ‘forget network’.
“People should also switch off the WiFi on their devices to prevent them being automatically connecting to a hotspot in public spaces.”
The man pleaded guilty to multiple charges, including five counts of cause unauthorised access or modification of restricted data, contrary to section 478.1 of the Criminal Code (Cth) and three counts of attempt to cause unauthorised access or modification of restricted data, contrary to section 478.1 of the Criminal Code (Cth).
He will spend seven years and four months’ in jail, with parole after five.
The man was sentenced in Perth District Court yesterday.
