
Chapter 2 - 06 - Understand Wireless Network-specific Attacks - 06_ocred.pdf

Full Transcript

Certified Cybersecurity Technician
Information Security Attacks
Exam 212-82

Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

SMS Phishing Attack (SMiShing) (Targeted Attack Scan)

SMS Phishing is the act of trying to acquire personal and financial information by sending SMSs (Instant Messages or IMs) containing deceptive links.

Text messaging is the most prevalent nonvoice communication on mobile phones. Users around the world send and receive billions of text messages daily. Such a massive amount of data entails an increase in spam or phishing attacks. SMS phishing (also known as SMiShing) is a type of phishing fraud in which an attacker uses SMS systems to send bogus text messages. It is the act of trying to acquire personal and financial information by sending SMS (or IM) containing deceptive links. Often, these bogus text messages contain a deceptive website URL or telephone number to lure victims into revealing their personal or financial information, such as SSNs, credit card numbers, and online banking username and password. In addition, attackers implement SMiShing to infect victims’ mobile phones and associated networks with malware.

Attackers buy a prepaid SIM card using a fake identity. Then, they send an SMS bait to a user. The SMS may seem attractive or urgent. For example, it may include a lottery message, gift voucher, online purchase, or notification of account suspension, along with a malicious link or phone number. When the user clicks the link, considering it to be legitimate, he/she is redirected to the attacker’s phishing site, where he/she provides the requested information (e.g., name, phone number, date of birth, credit card number or PIN, CVV code, SSN, and email address). The attacker may use the acquired information to perform malicious activities such as identity theft, online purchases, and so on.

Figure 2.67: SMS Phishing process
[Figure steps: Attacker buys prepaid SIM card. Sends SMS bait ("Congratulations!!! Dear, You have won lottery of 1 million, www.rij.com/abc.html to claim your price."). User clicks the link and redirects to the phishing site. User provides the personal and financial information (form fields: Name, Ph. Number, Social Security No., DOB, Credit Card No.). Page load distributed and attacker gets the information.]

Pairing Mobile Devices on Open Bluetooth and Wi-Fi Connections

Mobile device pairing on open connections (public Wi-Fi/unencrypted Wi-Fi routers) allows attackers to eavesdrop and intercept data transmission using techniques such as:
- Bluesnarfing (stealing information via Bluetooth)
- Bluebugging (gaining control over the device via Bluetooth)

Sharing data from malicious devices can infect/breach data on the recipient device.

Setting a mobile device’s Bluetooth connection to “open” or the “discovery” mode and turning on the automatic Wi-Fi connection capability, particularly in public places, pose significant risks to mobile devices. Attackers exploit such settings to infect a mobile device with malware such as viruses and Trojans or compromise unencrypted data transmitted across untrusted networks. They may lure victims into accepting a Bluetooth connection request from a malicious device or they may perform a MITM attack to intercept and compromise all the data sent to and from the connected devices. Using the information gathered, attackers may engage in identity fraud and other malicious activities, thereby putting users at great risk.

Techniques such as “bluesnarfing” and “bluebugging” help an attacker to eavesdrop on or intercept data transmission between mobile devices paired on open connections (e.g., public Wi-Fi or unencrypted Wi-Fi routers).

- Bluesnarfing (Stealing information via Bluetooth)

Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, PDAs, and other devices. This technique allows an attacker to access the victim’s contact list, emails, text messages, photos, videos, and business data stored on the device. Any device with its Bluetooth connection enabled and set to “discoverable” (allowing other Bluetooth devices within range to view the device) may be susceptible to bluesnarfing if the vendor’s software contains a certain vulnerability. Bluesnarfing exploits others’ Bluetooth connections without their knowledge.

- Bluebugging (Taking over a device via Bluetooth)

Bluebugging involves gaining remote access to a target Bluetooth-enabled device and using its features without the victim’s knowledge or consent. Attackers compromise the target device’s security to perform a backdoor attack prior to returning control to its owner. Bluebugging allows attackers to sniff sensitive corporate or personal data, receive calls and text messages intended for the victim, intercept phone calls and messages, forward calls and messages, connect to the Internet, and perform other malicious activities such as accessing contact lists, photos, and videos.

Figure 2.68: Bluebugging Attack
[Figure labels: Bluetooth connection between paired Bluetooth devices of legitimate users; laptop; WLAN access point; Internet; attacker and attacker’s access point. Caption in figure: Attacker comes in Bluetooth range and intercepts data transmission.]
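The SMiShing section says the bait pairs an attractive or urgent theme (lottery, gift voucher, online purchase, account suspension) with a malicious link or phone number. The following is an added example, not part of the courseware, of a triage check built on that pairing. The function name `triage_sms`, the keyword lists and all sample messages except the Figure 2.67 bait text are assumptions made for illustration.

```python
import re

# Lure themes named in the text; the keyword lists themselves are assumptions.
LURES = {
    "lottery": re.compile(r"\b(?:lottery|you have won|prize)\b", re.I),
    "gift_voucher": re.compile(r"\b(?:gift\s*card|voucher)\b", re.I),
    "online_purchase": re.compile(r"\b(?:order|purchase|parcel)\b", re.I),
    "account_suspension": re.compile(
        r"\baccount\b.{0,40}\b(?:suspend\w*|locked|blocked)\b", re.I),
}
# Contact vectors the text says the bait carries: a link or a phone number.
URL = re.compile(r"\b(?:https?://|www\.)\S+|\b[a-z0-9-]+\.[a-z]{2,}/\S*", re.I)
PHONE = re.compile(r"(?<!\w)\+?\d[\d\s().-]{7,}\d")
URGENT = re.compile(r"!{2,}|\b(?:urgent|immediately)\b", re.I)


def triage_sms(text):
    """Flag a message only when a lure theme and a contact vector co-occur."""
    lures = sorted(name for name, rx in LURES.items() if rx.search(text))
    links = [u.rstrip(".,;!)") for u in URL.findall(text)]
    phones = PHONE.findall(text)
    return {
        "suspicious": bool(lures) and bool(links or phones),
        "lures": lures,
        "links": links,
        "phones": phones,
        "urgent": bool(URGENT.search(text)),
    }


# First message is the bait text shown in Figure 2.67; the rest are constructed.
SAMPLES = [
    "Congratulations!!! Dear, You have won lottery of 1 million, "
    "www.rij.com/abc.html to claim your price.",
    "Your account has been suspended. Call +1 202-555-0143 to verify.",
    "Your parcel will be delivered tomorrow between 9 and 11.",
    "Lunch at 1? Menu: https://example.com/menu",
]

if __name__ == "__main__":
    for msg in SAMPLES:
        r = triage_sms(msg)
        print("FLAG" if r["suspicious"] else "ok  ", r["lures"], r["links"] + r["phones"])
```

Requiring both a lure and a link or number keeps ordinary delivery notices and plain links out of the flagged set; a flagged message is a candidate for review, not a verdict.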
