Russian hack at the OPCW: What is a WiFi Pineapple?

Many large-scale hacking attacks and data thefts over public networks involve a so-called WiFi Pineapple. One example is the hack at the OPCW in April, which the MIVD discovered. But how does such a WiFi device actually work? What happened, and why were the hackers caught?

What happened?

An example of an attack using a WiFi Pineapple is the attempted intrusion by Russian hackers at the OPCW, the Organization for the Prohibition of Chemical Weapons, based in The Hague. The hackers tried to break into the organization to obtain information about an investigation into the poisoning of Sergei Skripal in Britain and an investigation into a chemical attack on the Syrian city of Douma. A WiFi Pineapple was used to try to penetrate the OPCW's network. The Ministry of Defense was able to thwart this hacking attack. It is not the first major hacking attempt by the GRU, the Russian military intelligence service. In 2014 they tried to penetrate the Belgian Ministry of Foreign Affairs.

The Pineapple is developed by the company Hak5. The device broadcasts a wireless network, and all data traffic that passes through it can be read. It can be used to test your own network, but it can also be used to steal data. The Russian hackers who tried to hack into the OPCW in The Hague also had Pineapples in their possession (see later in this article).

Owning a Pineapple is not illegal, but using one to steal data of course is. The device is available in two versions: one that you connect to your laptop via USB (the regular WiFi Pineapple) and one in the form of a router, the WiFi Pineapple Tetra. Since the device is available from a hundred dollars, it is very accessible to network administrators and criminals alike.

Fake network

Criminals mainly misuse these Wi-Fi devices to steal data over open networks, for example by giving the WiFi Pineapple the same network name as a popular open network. Think of the WiFi on the train or the network names of Starbucks, McDonalds and hotels. Unsuspecting people connect to this network, and smartphones, tablets and laptops that have connected to a network with that name before will even join the fake Wi-Fi network automatically. All unencrypted data traffic that runs through this network can be read.

Criminals can also carry out targeted attacks, for example by setting up such a fake network at a company so that employees connect to it unsuspectingly. In this way an attacker can capture many company secrets, from documents to logins.

Attacks that steal data in this way are called 'man in the middle' attacks. The criminal reads your data as a kind of intermediary. The effect is the same as spyware, but no malware is involved.

How do you protect yourself?

Such a fake network can easily read all unencrypted data. If you encrypt your data traffic, the attacker can do almost nothing with it. The best security is to use a VPN on your mobile devices. It is also advisable to check whether the sites you visit and the apps you use encrypt network traffic via HTTPS, for example by checking whether sites have a green lock.

Another helpful tip is to clean up your list of saved Wi-Fi networks every now and then. Automatically connecting to the network on the bus, on the train, in a restaurant or in a shop is convenient, but it is better to 'forget' these networks on your mobile device and only connect to them manually when you need Wi-Fi. Also remember that connecting via 4G is always more secure than a Wi-Fi network that is not yours. So are you about to do your internet banking, your tax return or other sensitive online matters? Always connect to your own network or the mobile network of your provider.
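The clean-up of saved networks described above can be automated. The following is an added example, not part of the original article: it assumes a Linux machine using NetworkManager and audits saved profiles in its keyfile format, flagging networks that are both open and rejoined automatically. The sample profiles and function names are constructed for illustration.

```python
import configparser

# Constructed sample profiles in NetworkManager keyfile format (not from the article).
SAMPLE_PROFILES = {
    "train": "[connection]\nid=Train-WiFi\ntype=wifi\n\n[wifi]\nssid=Train-WiFi\n",
    "home": "[connection]\nid=Home\ntype=wifi\n\n[wifi]\nssid=Home\n\n"
            "[wifi-security]\nkey-mgmt=wpa-psk\n",
    "hotel": "[connection]\nid=Hotel-Guest\ntype=wifi\nautoconnect=false\n\n"
             "[wifi]\nssid=Hotel-Guest\n",
}


def audit_profile(text):
    """Return (ssid, is_open, autoconnects) for one saved profile, or None if not Wi-Fi."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    if cp.get("connection", "type", fallback="") not in ("wifi", "802-11-wireless"):
        return None
    ssid = cp.get("wifi", "ssid", fallback=cp.get("connection", "id", fallback="?"))
    # A profile without a [wifi-security] key-mgmt entry is an open network: anyone
    # broadcasting the same name is indistinguishable from the real access point.
    is_open = not cp.has_option("wifi-security", "key-mgmt")
    # NetworkManager auto-connects unless the profile says autoconnect=false.
    autoconnects = cp.getboolean("connection", "autoconnect", fallback=True)
    return ssid, is_open, autoconnects


def risky_profiles(profiles):
    """Names of saved networks that are open AND rejoined automatically."""
    risky = []
    for text in profiles.values():
        result = audit_profile(text)
        if result and result[1] and result[2]:
            risky.append(result[0])
    return sorted(risky)


if __name__ == "__main__":
    for ssid in risky_profiles(SAMPLE_PROFILES):
        print(f"forget or disable auto-connect: {ssid}")
```

On a real system the profiles are stored under /etc/NetworkManager/system-connections/ and are readable only by root; a flagged network can be removed with nmcli connection delete or kept with auto-connect switched off.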

Was this all?

However smart such a WiFi Pineapple may seem, it is a fairly simple device for hackers. Now that the dust around Bijleveld's press conference has settled and the information has been analysed, another thought comes into play: how is it possible that four Russian secret agents try to hack into an international body with a device that you can buy online for a hundred dollars?

It almost feels amateurish. The hackers immediately tried to penetrate the WiFi network of the OPCW, but made quite a few mistakes. The question was already asked during the press conference: is this all? Was this the hackers' ultimate attempt to get their hands on key information about flight MH17 or the Skripal case, or was it just a diversion and the real hack will take place later - or has it already happened?

These are questions to which we do not yet know the answer. What we can say is that not only is using a WiFi Pineapple to hack networks illegal, it's also far from foolproof.
