Shared publicly  - 
 
Remember 'wardriving'? It's back!

Years ago, everybody was freaked out about the threat from wardriving -- unscrupulous mobile hackers who find and penetrate Wi-Fi networks from a car.

But now it's back.

A federal grand jury in Seattle has indicted an alleged ring of wardriving professionals, who are accused of tricking out a Mercedes with special antennas, then driving around business districts hunting for business secrets to steal.

The alleged crooks allegedly copied credit card numbers and payroll information via Wi-Fi, which they leveraged to steal $750,000 worth of cash and computers. Allegedly.

The car was a black 1988 Mercedes souped up with network tools and specialized antennas. I want one.

http://www.informationweek.com/news/security/attacks/231602047
40
22
Nagayuki Shimizu's profile photoBrian C's profile photoMatt Wakeford's profile photoRichmond Low's profile photo
43 comments
 
The next wave will be war-blimping, where toy blimps are outfitted with similar equipment and even equipment to intercept cell-phones.
 
A Mercedes eh? Who was behind this, Doc Brown?

"Wait a minute, Doc. Ah... Are you telling me that you built a time machine... out of a DeLorean?"

"The way I see it, if you're gonna build a time machine into a car, why not do it with some style?"
 
blackhat/defcon this year had a war RC plane. with 3G snooping as well :)
 
I've heard stories of someone outfitting a scoped rifle with some sort of antenna and "sniping" info off of phones. In that case I think they were targeting bluetooth.
 
Right.... War-driving sharks with fricken lazer-beams.
 
+Jim Hebert I'm failing to see the similarities here, and I'm a huge BTTF fan. Different car etc. Only thing similar is they built a purpose made machine out of a car.

Lets not forget they are now reading voices from across the street with lasers now. The laser can pickup accurately the variations in window position based off the sound waves in the room and change that into human understandable sound. So if someone really want to know what's going on they will find out.

As far as them stealing all that information from corporate wifi, who is there admin......and WHY is that type of information going across wifi. Sounds like they may have hired the wrong guy. heh.
 
It blows me away that people who should know better keep throwing confidential data out there on (shudder) unencrypted wifi, or as in the case in this article, WEP encrypted. It's kind of like betting your future on a condom that's been in your wallet for the last decade or so...
 
+Robert Bell why would they need to when they have access to other backdoors which are much less public and much more friendly. AT&T anyone.
 
I think something similar happened to my next door neighbor back in February. One day, the FBI raided his house taking out his computer & all sorts of stuff b/c they got a tip he was looking at or downloading child porn, but in the end he never got arrested or charged with anything.

I think someone may have rolled through our neighborhood and hacked into his wi-fi service which caused his IP address to pop up on the police watch list. That's my theory.
 
I was in Afghanistan at the time when I heard about it. Before I left, I know his wife lived there, when I returned from my deployment, I've noticed his wife doesn't live there anymore. So I don't know if it's a good thing or bad thing that he didn't get arrested/charged.
 
I'm skeptical. The operative word here is "allegedly"...
 
The closest thing I've done to wardriving is I've parked outside a Starbucks after they've closed to use their network -- they leave the Wi-Fi going all night. :) (Little digital nomad tip for you there...)
 
War drivers and nethuggers submit it
 
When I need a few extra bucks.
I go out and find unsecured routers in my neighborhood. I then walk up to the door of the house with my laptop and show them that they are a easy target. I offer to secure the router for $20.00 and let them know that I fix computers. I have gotten about 10 clients this way.
 
+DeWayne Lehman It can get dangerous, some people get real mad about it and have told me off for "hacking" them.
 
D'oh >.> some people are just ignorant and need to learn about the internetz.
 
You are not doing it properly until you have some kind of truck/mobile command centre.
 
Cheaper if you do it in a Honda. lol
 
It kinda bugs me how people misuse the term. Wardriving is merely the act of searching for wireless networks, not using them or hacking in any remote fashion. 'Piggybacking' on the other hand is the correct term for connecting and using the services of a WAP without explicit authorization. Many of us wardrive purely for the purpose of Wifi mapping and nothing more and stories like this paint a negative picture of the hobby.
 
can I add u pls.. : u have a lot of useful info.. TY :) Claud
 
I'm not sure wardriving ever went anyplace. Directors of IT that allow sensitive data on a wifi accessable network need to be fired.

Just because WPA is secure today doesn't mean it will be tomorrow, protect your data.
 
Wardriving never went away, there are lots of people doing it right now: http://wigle.net

Wardriving is not the same as illegally hacking and accessing wireless networks.
 
+Dustin Bursley I do not know one single wardriver who attempts to access any wifi network they don't have the authority to do.

I WD while doing OSM Mapping and like to look at the changes in wifi use town by town (sites like wigle.net allow you to fileter by year etc when looking at the results)

If you are squirting wifi data all over the place in to public spaces then I will record your SSID and location and there is nothing you can do about it.

Google/Skyhook et al. are all wardriving too. Without it mobile geolocation would be a lot less convenient!
 
Exactly. +Dustin Bursley I implore you to check Wigle.net and see what the large community of users there do. The 99% statistic you speak of is those of us legitimate wardrivers who do so in a passive context. The other 1% is those who are covered in the article and intend to break into secure networks to cause harm. You have it completely backwards. Comparing torrents to wardriving is apples and oranges.

The biggest issue is the media misusing the terms as I already noted above. Wardriving is the legitimate passive hobby of mapping WAPs. 'Piggybacking' is the illegal tactic of breaking in and misusing resources. People need to get this right and differentiate the two.
 
+Dustin Bursley No grey area on the piggybacking front, totally agree!! :-)

HOORAY, we can all be friends again!
(\/)(;,,;)(\/)
 
+John Francis, I've done the same, but I did it in downtown. It's a lot easier to blend in to the crowd or sit at a bus stop while searching for a new potential client, and businesses are usually much easier to recognize by their SSIDs.
Add a comment...