Hackers can obtain personal data all types. They can steal your passwords, information about the accounts you use or data related to your devices. If they know where you are, they can launch more personal attacks, with more information for you to fall for. For example, launching an attack with information related to a specific event that may take place in your city.
New malware that triangulates your location
It is a malware called Whiffy Recon. It uses the Wi-Fi network to triangulate the location of the victim. He is part of the cybercriminal group behind the Smoke Loader botnet. They are based on Wi-Fi scanning as well as Google’s geolocation API. With this they can find out where a person is.
It should be mentioned that the Google Geolocation API it allows HTTPS requests with information from Wi-Fi access points and is capable of returning latitude and longitude coordinates. With this, it is possible to know where a device is if it does not have integrated GPS. But of course, if this function is exploited, this information may be exposed to an attacker.
Accuracy may be higher or lower depending on the number of Wi-Fi access points there are. usually oscillate between 20 and 50 meters. In less dense areas, the distance may be greater. This will help cybercriminals to carry out attacks that are better focused on the victim, in a more specific place.
they might even intimidate the victim pretending that they know where he is at all times. They might threaten to show you information, even if they don’t have it, simply to make you see that they know where you are and that leads you to believe that they have more data or access to your devices entirely.
What the malware does is look for the WLANSVC service name. If it does not exist, register the bot. On Windows, where that service exists, it will run a Wi-Fi scan loop every minute. It is going to exploit the Windows WLAN API. Using the coordinates from Google’s response, you’ll create a more comprehensive report on access points.
How to avoid this problem
What can you do to avoid problems like this and similar ones? Something fundamental is have everything well updated. It is key to correct possible vulnerabilities that may exist, since hackers will exploit these flaws to obtain information and data of all kinds.
It is also important that you have a good anti virus. It is what will prevent the entry of very diverse threats, such as viruses, Trojans and other types of malware that can take control of your device without you noticing. Being protected is essential to avoid problems like this.
But if there is something fundamental, it is the common sense. Avoid making mistakes, such as clicking on a fake link, downloading an unofficial program, accepting a file that is sent to you by mail… This can lead to malicious software slipping through or stealing certain data.
In short, as you can see they can use malware, Whiffy Recon, to know where you are at all times through Wi-Fi. It is important that you take measures to protect yourself, so as not to fall into the trap of cybercriminals. That will help you avoid attacks on the network of all kinds, not just this one that we have explained. You must protect yourself from a network sniffer and other problems.
