Two Hackers have Created WiFi Content Spoofing Device

Two Hackers have Created WiFi Content Spoofing Device

Two hackers have successfully built a device which is capable of connecting to wireless networks in range. It is also capable of then altering the Web content users access. It is built by Julian Oliver and Danja Vasiliev and has already been tested in cafe shops of Berlin.

There's a small circuit board in the 12 cm long casing with an Atheros chipset and an antenna. It is running  on a customized Linux distribution and designed for embedded systems. This device performs an automatically search for wireless networks in range and tries to connect using passwords supplied in advance. A reverse SSH tunnel is established with a remote server, allowing attackers to control the device from a distance. This reverse SSH tunnel uses 2048-bit encryption and is routed over Tor nodes, making it virtually impossible to determine where the attackers are located. 
The device launches ARP (Address Resolution Protocol) spoofing attacks in order to position itself as a gateway between the other wireless clients and the real router.This allows attackers to manipulate content passing through it. The research project, dubbed "Newstweek," demonstrates this by altering news headlines from popular websites.
The two hackers told IDG that they plan to release a complete manual which will teach people to create their own devices for under 50 euros.