Using the Fonera to build a phishing portal
Up to now, Spanish wireless company Fon have been extending its network comfortably while developing a reputation of fair and reliable company. But this could change in the future, as Alfonso Jimenez, a Spanish developer, discovered how to mimic the Fon welcome portal.
At first, he thought it was “a failure or that something went wrong” with the access point, but looking inside the Fonera, he found out that the authentication process of router relies on ChilliSpot, an open source wireless LAN access point controller.
Knowing this doesn’t mean anything to the vast majority of Foneros. Still, a small portion of them now could access to the right tool to clone the Fon access portal. And by doing this, they would do what Jimenez pinpointed, whether extending the Fon network — which is a good point –, whether building a fake welcome portal aka a phishing site.
A portion of Foneros is charging 3 euros for a daily pass to their broadband access. By building fake Fon access points, there would be a way to make money without being a member of the network.
Apr 10, 2007 | By Nuno