Australian Man Sentenced to Prison for Wi-Fi Attacks at Airports and on Flights

Posted on by esimantiras

Australian Man Sentenced to Prison for Wi-Fi Attacks at Airports and on Flights

source: securityweek.com  :  image: pexels.com

 

An Australian man has been sentenced to prison after he was caught launching Wi-Fi attacks at airports and on flights, the Australian Federal Police (AFP) announced. 

The police’s press release does not name the hacker, but he has been identified by Australian media as Michael Clapsis.

Clapsis, 44, pleaded guilty and has been sentenced to seven years and four months in prison. He will be eligible for parole after five years.

The AFP announced charges against Clapsis in June 2024. The man was caught launching evil twin attacks against individuals who wanted to connect to Wi-Fi networks at airports in Perth, Melbourne and Adelaide, as well as on some domestic flights.

Specifically, according to the AFP, the man used a Wi-Fi Pineapple, a device designed for conducting wireless network pentesting.

The hacking device passively monitored for requests initiated by users looking for free Wi-Fi networks. When such a request was detected, the device created a rogue access point with the name of the targeted network, which resulted in the victim connecting to the attacker’s network.

The victim was then presented with a fake login page asking them to enter their email or social media credentials. 

An investigation was launched after an airline employee discovered a suspicious Wi-Fi network during a flight. 

Later that month, police searched Clapsis’s hand luggage when he landed in Perth, seizing the wireless hacking device, a laptop, and a mobile phone. The man’s home was also searched by investigators. 

“Forensic analysis of data and the seized devices identified thousands of intimate images and videos, personal credentials belonging to other people, and records of fraudulent WiFi pages,” the AFP said. 

Authorities also noted that, the day after the search warrant was executed, the suspect deleted files from an online storage account and unsuccessfully attempted to remotely wipe his mobile phone. 

Days later, Clapsis accessed his employer’s laptop, attempting to access confidential meetings between the company and the AFP regarding the investigation.