Cybercriminals can steal all your passwords from thin air with this $25 Wi-Fi hack
November 15, 2016
Seid Yassin (557 articles)

Cybercriminals can steal all your passwords from thin air with this $25 Wi-Fi hack


US and Chinese security researchers have discovered that it is possible to detect a user’s private information by studying the radio signals emitted to provide Wi-Fi internet coverage and how they interact with a person’s body movements.

Researchers from Shanghai Jaio Tong University, the University of Massachusetts Boston and the University of South Florida have developed the WindTalker system, which can analyse sophisticated contemporary Wi-Fi networks and sneakily detect and record passwords by looking at the directions that radio waves travel to provide wireless internet coverage.

Thanks to this ability of being able to triangulate a target using radio signals, Wi-Fi has previously been proven by MIT to work as ‘X-ray vision’, sensing and tracking a person’s exact position through a wall.

Tracking how your fingers move on a smartphone screen

So when you swipe your Android smartphone lock-screen pattern, enter a PIN number or a password in an app, your finger movements alter the radio signal and the movements are imprinted into the signal, meaning that if hackers were controlling a public Wi-Fi access point that your device is connected to, they could then reverse-engineer the signal to figure out what sensitive data you may have typed into your phone.

The researchers set up a malicious public Wi-Fi access point consisting of $20 (£16) antennas, the attacker’s laptop and a $5 Intel networking card in a café. The setup was located a metre away from a target sitting at a table with a smartphone.

Once the user connected to the free Wi-Fi, the WindTalker system was able to extract sensitive data by analysing the radio signals and processing the signals to separate the parts of the signal it needed.

WindTalker was able to accurately spy on and detect the six-digit passwords commonly used by banks and payment apps with an accuracy rate of 68.3%, that quickly rose to 81.7% once they provided their system with enough training examples for specific smartphone models.

The study, entitled When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals, is published in the Association of Computing Machinery’s Proceedings of the 2016 ACM Conference on Computer and Communications Security that was held in Vienna, Austria, from 24-28 October.