Some iPhones Duped by Impostor Wi-Fi Hotspots
Some iPhones autoconnect to potentially dangerous Wi-Fi hotspots.
Turns out this rose wouldn't smell as sweet by any other name.
Experts from security research company SkyCure have uncovered a security vulnerability in the carrier configuration settings of some iPhones that could cause the phones to autoconnect to unsafe networks.
The vulnerability stems from the phones' Wi-Fi settings on carriers like AT&T and Vodafone, a top British-based worldwide cellular carrier, as well as more than a dozen other carriers from around the world. Phones from these carriers are programmed to automatically connect to open Wi-Fi networks with certain SSIDs (service set identifiers), or names, such as "attwifi" or "BTWiFi," a common SSID used by carrier British Telecom.
The purpose of this setting is convenience: AT&T, like many other carriers, operates a certain number of open Wi-Fi networks for its customers, and configures its phones to autoconnect to these networks when they are available, according to a blog post on SkyCure's website.
The problem is that anyone can create a Wi-Fi network and name it "attwifi." Personal Wi-Fi networks can be named any combination of letters, numbers and characters.
Cybercriminals and spammers have been taking advantage of this loophole to spy on and steal information from the unsuspecting customers of these carriers.
The criminal only has to set up a W-Fi network and give it the same name as an SSID that the phones are programmed to find via autoconnect. Once the phones are connected, the criminals have a window into your device from which they can spy on your activity and even steal your account information.
These types of activities are called "man-in-the-middle" attacks because they involve an illicit third party that intercepts connections between a customer and a valid access point.
This vulnerability is particularly dangerous because it occurs automatically; your phone can be compromised without you even doing anything. Fortunately, it's easy to prevent. First, you should turn your phone's Wi-Fi off when you're not using it, which will keep your phone from connecting to harmful networks and will also save your battery.
You can also change your phone's settings so it won't autoconnect to any networks.
The SkyCure experts demonstrated the vulnerability at the Tel Aviv International Cyber Security Conference last week (June 12).
Vodafone has since responded to SkyCure's report; the company told Tech Week Europe that it employs an authentication protocol that will still keep its users safe.
It's unclear if this vulnerability will also affect Android and Windows phones on the specified carriers. Any phone programmed to autoconfigure to an SSID is theoretically at risk.