“The technology equipped on the drone, known as Snoopy, looks for mobile devices with Wi-Fi settings turned on,” Fink reports. “Snoopy takes advantage of a feature built into all smartphones and tablets: When mobile devices try to connect to the Internet, they look for networks they’ve accessed in the past. ‘Their phone will very noisily be shouting out the name of every network its ever connected to,’ Sensepost security researcher Glenn Wilkinson said. ‘They’ll be shouting out, ‘Starbucks, are you there?…McDonald’s Free Wi-Fi, are you there?’”
“That’s when Snoopy can swoop into action (and be its most devious, even more than the cartoon dog): the drone can send back a signal pretending to be networks you’ve connected to in the past. Devices two feet apart could both make connections with the quadcopter, each thinking it is a different, trusted Wi-Fi network. When the phones connect to the drone, Snoopy will intercept everything they send and receive,” Fink reports. “That includes the sites you visit, credit card information entered or saved on different sites, location data, usernames and passwords. Each phone has a unique identification number, or MAC address, which the drone uses to tie the traffic to the device. The names of the networks the phones visit can also be telling. ‘I’ve seen somebody looking for ‘Bank X’ corporate Wi-Fi,’ Wilkinson said. ‘Now we know that that person works at that bank.’”
Read more in the full article here.
[Thanks to MacDailyNews readers too numerous to mention individually for the heads up.]