Beware of wifi "pineapples" at your local coffee shop

Posted at 6:00 AM, Jun 29, 2017
and last updated 2017-06-29 07:39:41-04

The Ohio Auditor of State's Office issued a new warning to local government employees Wednesday to be extra vigilant about the information they share online and the networks they use. It comes days after various Ohio government sites were hacked with pro-ISIS messages.

"There is no safe wifi," said Nicole Beckwith, an investigator with the auditor's office. "Use a virtual private network (VPN), don't go to your banking sites or your secure sites."

RELATED: Hackers break into Lorain Co. business security camera, screaming insults through camera speakers

Among the dangers Beckwith shared with North Olmsted employees included devices called wifi pineapples.

"This is super dangerous," she said.

Pineapples allow anyone to create their own wifi network for others to join. The operator can then watch in real-time as users surf the internet and even steal personal information.

Beckwith demonstrated to News 5 how the device, which costs as little as $50 and can easily be purchased online, works.

"This will listen and capture all of your traffic," she added.

Beckwith set up a pineapple wifi network at a Starbucks in North Olmsted using the exact name of the establishment's legitimate wifi network. Within minutes, three people connected to the pineapple.

What's even more disturbing is that cell phones, if not set to manual wifi connection mode, will automatically connect to a pineapple if in range.

"So you don't essentially have to do anything for this device to capture your data," Beckwith said.

When News 5 Reporter Kristin Volk connected her phone to the pineapple, the images on her phone showed up on Beckwith's laptop.

Beckwith said that although pineapples are not new, they are gaining popularity as hacking becomes trendier. They were originally created for IT professionals to test the vulnerability of their networks.