Fixxx
Cyber threats can be encountered not only when working on an office computer or downloading pirated games to a home laptop. Sometimes cybercriminals operate in the most unexpected places: in shopping malls, catering establishments, airports or hotels. Some threats are quite common while others are almost non-existent because the implementation costs exceed the potential benefit for the perpetrator. Knowing where a threat may be hiding makes you less likely to fall victim to scammers.
Public Wi-Fi networks.
Open networks in subways, cafes, hotels and other public places carry several threats. Through them cybercriminals can steal money and confidential data, infect your device and use it for their own purposes. Criminals often operate in places with a large concentration of people, especially tourists: at train stations, airports, near popular attractions. Cybercriminals can intercept data using special programs - sniffers if the traffic is not encrypted or not encrypted well enough. All a hacker needs is a laptop or smartphone and to be near the access point. Cybercriminals will see everything you enter on your device at that time: from login and password on social networks (in this case the session identifier will be intercepted) to credit card number and CVC code.
The most common danger is the theft of personal data through open Wi-Fi networks. Hackers can intercept data from users using public Wi-Fi in public places. Skimming (equipment for cloning cards) on ATMs and payment terminals is still encountered. Criminals can install skimmers to copy data from bank cards and access the financial resources of victims. To protect against cyber threats in public places it's recommended not to enter personal data on public devices, monitor your banking transactions and avoid connecting to open Wi-Fi networks.
Another way to obtain a victim's data or steal money is through fake Wi-Fi networks. In this case the criminal opens an access point in a public place. The network has either a common neutral name such as "Wi-Fi Free" or a name similar to an existing network in that location, for example "Coffe House" instead of "Coffee House."
Through Wi-Fi networks, cybercriminals can lure users to fake websites for purchasing and booking tickets, through which they can obtain personal data for further embezzlement. The sites may be indistinguishable from the real ones, simply located on different IP addresses, but because the session is intercepted users will be directed to the fakes. Also, when users update applications, trojan programs may be installed and remote administration tools may be left on their devices, through which cybercriminals will gain control over all data and the user's device. Moreover, cybercriminals can intercept data transmitted by device owners. Therefore it's very important not to use public networks without protection and to remain vigilant when working with personal data if avoiding such networks isn't possible.
In April 2024 cyber police reported the detection of a new type of fraud related to public Wi-Fi networks, as a result of which users lost their accounts in Telegram. After connecting to a fake network the user receives a message demanding authorization through Telegram. The victim enters the code and loses access to their account.
If you have already connected to such a network and realized it, first of all, immediately turn off Wi-Fi. Secondly, try to remember what you were doing while connected to it. If you entered a code from Telegram or WhatsApp, go to the app immediately and log out of all devices. If you used passwords somewhere, change them immediately. The main thing is to use mobile internet for this. To protect themselves, companies can switch their networks to certificate-based connections, so account credentials will not be transmitted over the air.
For security reasons, information security specialists recommend not connecting to public Wi-Fi networks unnecessarily, not authorizing on other sites through social networks and not conducting banking operations, but using the network only for safe actions such as checking the weather or mapping a route on a map.
QR codes.
QR codes are widely used: in cafes to leave tips and open electronic menus, to rent electric scooters, to view detailed information about a product or service. Often, an ordinary person doesn't think before scanning a code; it happens almost reflexively, as if in passing. Cybercriminals take advantage of this carelessness or lack of awareness. They stick a fake code over a real one, as was the case in Moscow with the electric scooter service, or place their own fake ads with QR codes. For example, scammers posted announcements about replacing the intercom in entrances in St. Petersburg. Fraud using QR codes is called "QRishing". This is one of the phishing options and the risks for the victim of deception are the same: device infection, data and money loss. IT security specialists recommend not scanning every code you come across, checking the URL for a secure connection, using trusted applications for scanning QR codes and disabling automatic actions when scanning a code.
ATMs and payment terminals.
To steal card banking data and money cybercriminals use skimmers. Skimmers are miniature devices for data theft hidden inside regular card readers. After the hardware intercepts the data the thief takes it to create a card clone or simply commit fraudulent actions. Perhaps the scariest part is that skimmers often don't interfere with the normal operation of card readers making them difficult to detect. In addition, dishonest employees of hotels, cafes or entertainment venues may use card readers.
Your own gadgets and IoT devices with Bluetooth.
Due to the simplicity and prevalence of various hacker devices "for enthusiasts" like Flipper Zero, HackRF One, Pwnagotchi and others, you can increasingly encounter BLE spam. Moreover, for spam attacks over the Bluetooth Low Energy protocol, Bluetooth LE Spam applications can be used. The application sends connection requests that simulate Google Fast Pair, Microsoft Swift Pair as well as Easy Setup services and simulate various Apple devices. In this case the phone screen of the attack victim will be flooded with a mass of fake messages requesting connection to various non-existent Bluetooth devices such as headphones, consoles, microphones.
In addition to BLE spam attacks cybercriminals can remotely activate and control your IoT devices. In April 2024, cybersecurity specialists managed to hijack a Tesla using a $169 Flipper Zero and Wi-Fi board.
In addition to financial damage, the ability for remote access can have very serious consequences for a person's health and life. Computer security specialist Barnaby Jack of IOActive, where he was involved in assessing medical devices, discovered vulnerabilities in insulin pumps and pacemakers. With just a laptop a criminal could potentially release all the contents of an insulin pump into a patient's pancreas, causing instant death, or program a pacemaker to deliver a strong electric shock. Fortunately, real cases of exploiting these vulnerabilities are currently unknown.
Flash drives and USB cables.
Every person is curious to some extent and cybercriminals build their traps on this quality. They place a malicious chip in some device, often a flash drive. Upon finding a flash drive in a public place a person is likely to want to see what is on it. After connecting the flash drive to a computer the scammer gains access to the victim's device.
Criminals use small controllers like Arduino to simulate keyboard operation. The device is usually placed in a casing from a regular flash drive to avoid suspicion, although the casing can actually be disguised as any other USB device. This "flash drive" is left in a crowded place until a curious person picks it up and plugs it into their computer, laptop or phone. The "flash drive" pretends to be a keyboard and starts typing malicious code. Such devices can be purchased on marketplaces. To protect against this technique antivirus solutions with the ability to protect against unauthorized USB connections can be used. Also it's advisable to adhere to a simple piece of advice: don't insert foreign flash drives into your devices.
The O.MG Cable, which has gained popularity recently, follows the same principle: it contains a malicious chip that allows remote access to connected devices.
Smartphone charging stations.
It may seem more convenient to charge your phone at charging stations than to carry a power bank or your charging cable with you. While you may indeed recharge your device you are simultaneously at risk of falling victim to cybercriminals. The FBI warned about an unusual threat in 2023. Criminals have devised ways to use USB ports in public places to inject malicious software into devices. For example, public charging cables may be connected to a computer through which a criminal can obtain user data. Additionally, cybercriminals embed special devices in charging cables making the user's gadget vulnerable upon connection. Protecting yourself from this threat is simple - just avoid using shared charging stations and other people's cables. If it's necessary to charge your phone and there are no other options - enable the charging-only option without data transfer and use a cable adapter with wires only for power transmission.
In addition to attacks through charging devices there are other complex attacks that can be implemented in public places but they are extremely rare due to their complexity and high costs for cybercriminals. For example:
- Attack through public USB ports: Cybercriminals can install malicious software on public USB ports in public places to infect users' devices when connected.
- Bluetooth attacks: Cybercriminals can exploit vulnerabilities in Bluetooth connections to gain access to users' devices and intercept their data.
- NFC (Near Field Communication) attacks: Cybercriminals can use vulnerabilities in NFC technology to transfer malicious data to users' devices with NFC enabled.
- RFID (Radio-Frequency Identification) attacks: Cybercriminals can scan and copy RFID tags used in access cards or contactless payment systems to gain unauthorized access to buildings or financial resources.
These attacks require specialized knowledge and resources on the part of cybercriminals so they are rarely encountered but it's important to be aware of potential risks and take measures to protect your data when using public networks and devices.
Not all cyber attacks are aimed at stealing information or causing harm. There are cases where cyber pranksters hack information boards, switch TV channels in public places using devices like Flipper Zero or hack sex toys just for fun. For example, someone played an adult movie on a giant screen in the center of Almaty and the company ESET conducted research and warned about the insecurity of apps for "smart" intimate toys.
Conclusion.
The boundary between the digital and analog worlds is becoming less noticeable and the territory of cyber threats is constantly expanding. It's important not to lose vigilance even when you step away from your computer desk and go outside. Whether you are walking in a shop or waiting for your flight at the airport, it's equally important to be wary of pickpockets and cybercriminals.
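The fake-network naming trick from the Wi-Fi section ("Coffe House" instead of "Coffee House") can be caught by comparing scanned names against the networks a venue really runs. This is an added example, not part of the original post; the trusted list, the scan results and the distance threshold are constructed assumptions.

```python
import unicodedata

# Constructed sample data: the venue's real network and one Wi-Fi scan.
TRUSTED = {"Coffee House": {"secured": True}}
SCAN = [
    {"ssid": "Coffee House", "secured": True},
    {"ssid": "Coffe House", "secured": False},   # one letter dropped
    {"ssid": "Coffee House", "secured": False},  # right name, but open
    {"ssid": "Wi-Fi Free", "secured": False},    # neutral bait name
]

def normalize(ssid):
    # NFKC folds full-width and compatibility characters; then ignore
    # case, spacing and punctuation so "coffee-house" equals "Coffee House".
    text = unicodedata.normalize("NFKC", ssid).casefold()
    return "".join(ch for ch in text if ch.isalnum())

def edit_distance(a, b):
    # Classic Levenshtein distance, one row at a time.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(network, trusted=TRUSTED, max_distance=2):
    ssid = network["ssid"]
    if ssid in trusted:
        # A network that should be encrypted but is offered open is a red flag.
        if trusted[ssid]["secured"] and not network["secured"]:
            return "suspicious: trusted name offered without encryption"
        return "known"
    for name in trusted:
        if edit_distance(normalize(ssid), normalize(name)) <= max_distance:
            return f"suspicious: lookalike of '{name}'"
    return "untrusted: open network" if not network["secured"] else "untrusted"

if __name__ == "__main__":
    for net in SCAN:
        print(f"{net['ssid']!r:16} secured={net['secured']!s:5} -> {classify(net)}")
```

A "known" verdict only means the name and encryption setting match; a clone with an identical name and settings still passes, which is why the certificate-based connections mentioned above matter.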
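The QR code advice above (check the URL for a secure connection, disable automatic actions) amounts to vetting the decoded payload before anything opens it. The sketch below is an added example, not part of the original post; the allowlisted host `pay.example.com` and the sample payloads are hypothetical.

```python
import ipaddress
from urllib.parse import urlsplit

# Hypothetical allowlist: hosts this scanner is permitted to open.
ALLOWED_HOSTS = {"pay.example.com"}

def vet_qr_payload(payload, allowed_hosts=ALLOWED_HOSTS):
    """Return (verdict, reasons); verdict is 'open' only when nothing is flagged."""
    reasons = []
    try:
        parts = urlsplit(payload.strip())
    except ValueError:
        return "block", ["payload is not a parseable URL"]
    if parts.scheme.lower() != "https":
        reasons.append(f"scheme is '{parts.scheme or 'none'}', not https")
    host = (parts.hostname or "").rstrip(".")
    if not host:
        reasons.append("no host name")
    # "https://trusted-name@other-host/" shows a familiar name before the @,
    # but the browser connects to what comes after it.
    if parts.username or parts.password:
        reasons.append("text before '@' disguises the real host")
    try:
        ipaddress.ip_address(host)
        reasons.append("host is a raw IP address")
    except ValueError:
        pass
    # Lookalike letters from other alphabets arrive as non-ASCII or punycode.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        reasons.append("internationalized host name")
    if host and host not in allowed_hosts:
        reasons.append("host is not on the allowlist")
    return ("open" if not reasons else "block"), reasons

if __name__ == "__main__":
    # Constructed payloads, as a QR decoder would return them.
    samples = [
        "https://pay.example.com/tip?table=4",
        "http://pay.example.com/tip?table=4",
        "https://pay.example.com@203.0.113.7/tip",
        "https://xn--py-7ka.example.com/tip",
        "tel:+10000000000",
    ]
    for s in samples:
        verdict, why = vet_qr_payload(s)
        print(f"{verdict:5} {s}  {'; '.join(why)}")
```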