headerIMG

B2B Articles - August 06, 2010 - By Ironpaper

AT&T Wi-Fi hot spot exploit for iPhones

Any wireless network can be posed as an AT&T Wi-Fi hot spot and thus trick iPhone users into an untrusted network connection making them vulnerable to attack. Iphones can be subject to such "man-in-the-middle" attacks because the devices are preconfigured to associate attwifi as AT&T Wi-Fi hotspots.

If an iPhone had been previously connected to an AT&T Wi-Fi zone then the device will ignore the MAC address requirement for automatic connection. No other form of authentication would be needed for the device to trust the network. As iPhones auto join the "hotspot" connection named attwifi, a would-be attacker could easily redirect the devices or steal credentials as they go to websites or more.

Solution: It is possible to disable the automatic joining of the AT&T Wi-Fi network, but you must be connected to such a network in order to change the preference.

Source: https://news.cnet.com/8301-27080_3-20003455-245.html?tag=mncol;txt
Samy Kamkar: an independent researcher based in Los Angeles

Tel 212-993-7809  

Ironpaper ®
10 East 33rd Street 
6th Floor
New York, NY 10016
Map

Ironpaper - B2B Agency

B2B Marketing and Growth Agency.

Grow your B2B business boldly. Ironpaper is a B2B marketing agency. We build growth engines for marketing and sales success. We drive demand generation campaigns, ABM programs, B2B content, sales enablement, qualified leads, and B2B marketing efforts. 

Ironpaper Twitter Ironpaper Linkedin