A 44-year-old man was sentenced to seven years and four months in prison for operating an “evil twin” WiFi network to steal the data of unsuspecting travelers during flights and at various airports across Australia.
The man, an Australian national, was charged in July 2024 after Australian authorities had confiscated his equipment in April and confirmed that he was engaging in malicious activities during domestic flights and at airports in Perth, Melbourne, and Adelaide.
Specifically, the man was setting up an access point with a ‘WiFi Pineapple’ portable wireless access device and used the same name (SSID) for the rogue wireless network as the legitimate ones in airports.
Users connecting to the malicious access point were directed to a phishing webpage that stole their social media account credentials.
The man used these credentials to access women’s accounts to monitor their communications and steal private images and videos.
“Forensic analysis of data and the seized devices identified thousands of intimate images and videos, personal credentials belonging to other people, and records of fraudulent WiFi pages,” the Australian Federal Police (AFP) says.
“The day after the search warrant, the man deleted 1752 items from his account on a data storage application and unsuccessfully tried to remotely wipe his mobile phone.”
After seizing his luggage on April 19, 2024, the man obtained unauthorized access to his employer’s laptop to access information on confidential meetings between his employer and AFP’s investigators.
Eventually, the man pleaded guilty to:
- Five counts of causing unauthorized access or modification of restricted data
- Three counts of attempting to cause unauthorized access or modification of restricted data
- One count of stealing
- Two counts of unauthorized impairment of electronic communication
- One count of possessing or controlling data with the intent to commit a serious offense
- One count of failure to comply with an order under section 3LA(2)
- Two counts of attempted destruction of evidence
AFP Commander Renee Colley warned the public about the risks of free WiFi, advising the use of virtual private networks (VPNs), strong passwords, and disabling file-sharing and automatic WiFi connectivity.
“Evil twin” WiFi attacks are not common in the wild, but they are practically possible and may go unnoticed and unreported in public spaces.
Captive portals on free WiFi access points should be treated with extra caution and dismissed when requesting personal account information for logging in.
It’s budget season! Over 300 CISOs and security leaders have shared how they’re planning, spending, and prioritizing for the year ahead. This report compiles their insights, allowing readers to benchmark strategies, identify emerging trends, and compare their priorities as they head into 2026.
Learn how top leaders are turning investment into measurable impact.