Risk: Informational
Hackers infiltrated an IT exhibition that took place in London in April 2005 and attacked delegates' computers with a new type of wireless attack.
Security experts attending the Wireless LAN Event in Olympia, found that anonymous hackers in the crowd had created a web site that looked like a genuine log-in page for a Wi-Fi network, but which actually sent 45 random viruses to computers that accessed it.
"[This] gets very nasty as we've never seen it before," said Spencer Parker, a director of technical solutions at AirDefense. "It downloads 45 different randomly generated viruses, worms and keyloggers so antivirus software doesn't protect it. It doesn't recognise the signatures."
Parker said that the hackers walked around the exhibition carrying a Linux-based laptop running software that turned it into a wireless access point. Initially, they labelled the hotspot "Free_Internet_Access", then "BTOpenzone" and then "T-Mobile".
Parker, whose own computer was infected by the attack, believes that the web site was up for half an hour.
The technique has evolved from an "evil twin" attack, where hackers host fake log-in web sites at commercial Wi-Fi hotspots. This was originally used to lure people into typing in credit card details onto the web page, so the hacker could steal them.
Parker said he saw a number of suspicious people asking "very advanced questions" at the event.
"I saw guys walking round with company badges and I knew they didn't work for those firms. Hackers like to know what's going on," he said.