Dangerous Wi-Fi access point: attacks to benign smartphone applications

Abstract

Personalization by means of third party application is one of the greatest advantages of smartphones. For example, when a user looks for a path to destination, he can download and install a navigation application with ease from official online market such as Google Play and Appstore. Such applications require an access to the Internet, and most users prefer Wi-Fi networks which are free to use, to mobile networks which cost a fee. For this reason, when they have no access to free Wi-Fi networks, most smartphone users choose to try to use unknown Wi-Fi access points (AP). However, this can be highly dangerous, because such unknown APs are sometimes installed by an adversary with malicious intentions such as stealing information or session hijacking. Today, smartphones contains all kinds of personal information of the users including e-mail address, passwords, schedules, business document, personal photographs, etc., making them an easy target for malicious users. If an adversary takes smartphone, he will get all of information of the users. For this reason, smartphone security has become very important today. In wireless environments, malicious users can easily eavesdrop on and intervene in communication between an end-user and the internet service providers, meaning more vulnerability to man-in-the-middle attacks. In this paper, we try to reveal the risk of using unknown APs by presenting demonstration results. The testbed is composed of two smartphones, two APs, and one server. The compromised AP forwards messages of victim smartphone to the fake server by using domain name system spoofing. Thus, the application that is running on the victim smartphone transfers HTTP request to the fake server. As a result, this application displays the abnormal pop-up advertisement, which contains malicious codes and links. Our demonstration shows that merely connecting to compromise APs can make a malicious behavior even the applications are benign.