Malicious threat actors have a deadly arsenal of tactics that can be used to breach your companies defenses and cause a lot of harm for a business and their clients. They could find their way in an unauthorized manner through a brute force or phishing attacks, or through the exploitation of vulnerabilities amongst other measures that they can employ.
In this article we will look at WiFi Pineapples and what they are and what they can do to your organization.
A WiFi Pineapple is a penetration testing platform that is designed to provide an assessment and report of vulnerabilities with in the businesses environment.
How Can A WiFi Pinapple Be Used & What It Can Do To One's Company?
Phishing & Credential Theft
When a device looks to connect to a wireless network, it actually broadcasts which wireless network it is looking to connect to.
A WiFi Pineapple can read the signal & impersonate the wireless network the device is trying to connect to, encouraging the device to try to connect to it.
Malicious threat actors can entice victims with an “Evil Portal”, one that mimics the login screens of legitimate accounts such as Office 365, Google, and social media platforms etc to gather login credentials
Data Main In The Middle Attacks
There are some cases where a WiFi Pineapple can still access the internet. In this case the WiFi Pineapple can eaves drop on a users online activity. It can even intercept confidential data exchanged between a user and any websites they visit.