Navigating a labyrinth
Diligent caution is required while using public Wi-Fi to avert cybersecurity threats posed by ChatGPT-engineered stegosploit and Wi-Fi snooping

Sitting amidst the hustle and bustle of the railway station, you felt a wave of relief wash over you. Having completed an important file for your office, you eagerly anticipated returning home and enjoying a relaxing weekend. The ringing phone shattered your momentary peace, signalling a call from your boss. The sinking feeling in your heart returned as soon as your boss asked for the file you had just completed. You had saved it on your laptop but weren't sure you had enough time to transfer it before your train arrived. In a fluster, you replied that you could send it. However, just as you were about to connect your laptop to your phone's hotspot, another call came in. This time it was from the builder of your newly booked flat, asking for the final payment. You sighed. Just as you were trying to explain that you were in a hurry, the internet connection on your phone dropped. You looked at your watch. Your train was due in a few minutes. You knew that the public Wi-Fi at the station wasn't safe, but you had no other option. You quickly connected your laptop to the available public Wi-Fi, hoping to transfer the file. As a cybersecurity enthusiast, you knew the risks of using public Wi-Fi. So you decided to use it only to send the file to your office, not to transfer the money to your builder.
While logging into your email, a pop-up message appeared, indicating that your browser needed to be updated. As you clicked the option to update the browser, you remembered having set your laptop to notify you before downloading any updates. Sadly, this meant you had to wait for the update to complete before you could use the browser. Anxiously, you watched the update download, hoping to send the file in time. Finally, after what felt like forever, the download finished. You swiftly logged into your email and sent the file, relieved to have completed the task before your train arrived. As you shut your laptop, you hurried towards the platform, your heart racing as you heard the announcement of your train's arrival. Later that evening, you logged into your home Wi-Fi network and opened your banking site to transfer the money to your builder's account. Before hitting the transfer button, however, you hesitated and decided to take extra precautions. You made sure the connection was secured with HTTPS to minimise the risks of online banking. After checking these security measures, you hit the transfer button and waited anxiously for the confirmation. You then sent a payment summary in PDF format to the builder via WhatsApp Web in your browser. Later, you received pictures of the flat on WhatsApp from a number purporting to be the builder's, which you opened on your mobile. You woke up the next morning to multiple notifications on your phone, which filled you with dread. On checking, you discovered that several fund transfers had been made from your bank account to an account linked to your phone's UPI. In addition, multiple purchases had been made using your UPI account. It was a terrible realisation. You felt a sinking feeling in your stomach.
Was your account compromised by spyware and a keystroke logger downloaded when you clicked the browser-update pop-up over public Wi-Fi? The spyware gave the hacker access to your laptop and let them steal your bank login credentials, your transaction password and the images saved on your laptop. Still wondering how the hackers transferred money from your account without an OTP? Using a fake WhatsApp account, the hacker sent you compromised images of the flat, a stegosploit, which downloaded malicious code to your phone when you opened them. The hackers now have complete control of your compromised phone.
Hackers use ChatGPT-4 to create stegosploit
OpenAI tools like ChatGPT-4 allow hackers to create sophisticated malware faster and with improved evasion tactics. Stegosploit, a type of malware hidden within image data, can be generated with the help of ChatGPT-4. GPT-based bots can launch massive spam campaigns and distribute malware, putting victims' devices and networks at risk. Threat actors use ChatGPT-4 to create harmful code embedded in an image, often carrying an executable payload, which they circulate through messaging apps and social media platforms. Once a victim downloads the image, the code establishes a connection back to the attacker, who can then execute commands, infect the device with further malware and compromise its data.
How does spyware infiltrate?
Spyware can infiltrate a device in different ways, such as downloading software or upgrades from untrusted sources or clicking a link in a phishing email. For instance, a seemingly harmless PDF or image download, or a free app from an untrusted website, could contain spyware. Once installed, it runs undetected, recording keystrokes, taking screenshots and capturing data such as passwords, credit card details, text messages and browsing history. The stolen information is transmitted to an attacker for nefarious purposes. Adware, another spyware variant, monitors browsing habits to show targeted ads. Although not directly harmful, adware can be intrusive and slow down the device.
Hazards of public Wi-Fi
Hackers execute 'Evil Twin' attacks by setting up fake hotspots that mimic a legitimate network, then eavesdropping through Man-in-the-Middle techniques and abusing the connection with methods such as password cracking and packet sniffing. These attacks can result in identity theft, malware infections, password theft, data snooping, email compromise, ransomware, session hijacking, account takeover, phishing and remote control of the device.
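An evil twin usually betrays itself in the scan list: a second access point advertising the venue's name (or a look-alike spelling) from an unknown BSSID, often without encryption so that the victim connects without a password prompt. The following added example, which is not from the column, runs that heuristic over a constructed set of scan records against an allow-list of networks the user has verified with the venue. The SSIDs, BSSIDs and signal values are made up for illustration.

```python
from collections import defaultdict

# Constructed scan results for illustration (not real captured data).
SCAN = [
    {"ssid": "Station_Free_WiFi", "bssid": "aa:bb:cc:00:00:01", "security": "WPA2", "signal": 61},
    {"ssid": "Station_Free_WiFi", "bssid": "aa:bb:cc:00:00:02", "security": "WPA2", "signal": 55},
    {"ssid": "Station_Free_WiFi", "bssid": "de:ad:be:ef:00:01", "security": "OPEN", "signal": 88},
    {"ssid": "Station Free WiFi", "bssid": "de:ad:be:ef:00:02", "security": "OPEN", "signal": 90},
    {"ssid": "CoffeeShop",        "bssid": "11:22:33:44:55:66", "security": "WPA2", "signal": 40},
    {"ssid": "coffeeshop",        "bssid": "11:22:33:44:55:77", "security": "OPEN", "signal": 72},
]

# Constructed allow-list: networks the user has actually verified with the venue,
# including the BSSIDs of the venue's genuine access points.
TRUSTED = {
    "Station_Free_WiFi": {"security": "WPA2",
                          "bssids": {"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"}},
}


def normalize(ssid: str) -> str:
    """Collapse case, whitespace and separators so look-alike names compare equal."""
    return "".join(ch for ch in ssid.lower() if ch.isalnum())


def find_suspicious(scan, trusted):
    """Return {bssid: [reasons]} for access points that look like evil twins."""
    trusted_by_norm = {normalize(name): (name, info) for name, info in trusted.items()}
    by_norm = defaultdict(list)
    for rec in scan:
        by_norm[normalize(rec["ssid"])].append(rec)

    findings = defaultdict(list)
    for norm, recs in by_norm.items():
        if norm in trusted_by_norm:
            # Anything using a trusted name from a BSSID we have not verified is suspect.
            name, info = trusted_by_norm[norm]
            for r in recs:
                if r["bssid"] in info["bssids"]:
                    continue
                findings[r["bssid"]].append(f"unknown BSSID advertising trusted name {name!r}")
                if r["security"] != info["security"]:
                    findings[r["bssid"]].append(
                        f"security {r['security']} differs from trusted {info['security']}")
                if r["ssid"] != name:
                    findings[r["bssid"]].append(f"look-alike spelling {r['ssid']!r}")
        else:
            # For unverified names, an open AP sharing a name with a secured one is the
            # classic evil-twin pattern: the victim joins the one without a password prompt.
            if len({r["security"] for r in recs}) > 1:
                for r in recs:
                    if r["security"] == "OPEN":
                        findings[r["bssid"]].append("open network sharing a name with a secured one")
    return dict(findings)


def strongest_signal_is_suspicious(scan, trusted) -> bool:
    """True when the AP a device would most likely auto-join is one of the flagged ones."""
    flagged = find_suspicious(scan, trusted)
    loudest = max(scan, key=lambda r: r["signal"])
    return loudest["bssid"] in flagged


if __name__ == "__main__":
    for bssid, reasons in find_suspicious(SCAN, TRUSTED).items():
        print(bssid)
        for reason in reasons:
            print("   -", reason)
    print("auto-join would pick a suspicious AP:", strongest_signal_is_suspicious(SCAN, TRUSTED))
```

Multiple BSSIDs per SSID are normal for a venue with several access points, which is why the check keys on the verified BSSID list and on mismatched security rather than on duplication alone. The signal check illustrates why the column's advice to disable Auto-Connect matters: the rogue AP is often the loudest one.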
Best practices for ensuring security
Before using public Wi-Fi, verify that your VPN is working, clear the browser cache, update and enable antivirus software with web-filtering capabilities, update the operating system and apps, close unnecessary programs and tabs, log out of accounts you do not need, enable automatic credential filling through a password manager (so that credentials are only filled on the genuine site), install an ad blocker across browsers and apps, use 2FA/MFA, and disable Auto-Connect and Bluetooth. While using public Wi-Fi, connect only to networks run by trustworthy physical establishments, avoid entering sensitive information, and keep the list of saved Wi-Fi networks limited to trusted ones. After disconnecting, scan for malware, restart the device, purge unused networks, and consider using a mobile hotspot instead next time.
The writer is an HoD and Assistant Professor of Dept of Computer Sc & Electronics, Ramakrishna Mission Vidyamandira. Views expressed are personal