Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison

Recorded: Nov. 28, 2025, 10:02 p.m.

Original

News

Featured
Latest

GreyNoise launches free scanner to check if you're part of a botnet

The Black Friday 2025 Cybersecurity, IT, VPN, & Antivirus Deals

Microsoft to secure Entra ID sign-ins from script injection attacks

New ShadowV2 botnet malware used AWS outage as a test opportunity

Save on this ethical hacking bundle: $33 through December 7th

Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison

Microsoft: Windows updates make password login option invisible

Public GitLab repositories exposed more than 17,000 secrets

Tutorials

Latest
Popular

How to access the Dark Web using the Tor Browser

How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11

How to use the Windows Registry Editor

How to backup and restore the Windows Registry

How to start Windows in Safe Mode

How to remove a Trojan, Virus, Worm, or other Malware

How to show hidden files in Windows 7

How to see hidden files in Windows

Virus Removal Guides

Latest
Most Viewed
Ransomware

Remove the Theonlinesearch.com Search Redirect

Remove the Smartwebfinder.com Search Redirect

How to remove the PBlock+ adware browser extension

Remove the Toksearches.xyz Search Redirect

Remove Security Tool and SecurityTool (Uninstall Guide)

How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo

How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller

How to remove Antivirus 2009 (Uninstall Instructions)

Locky Ransomware Information, Help Guide, and FAQ

CryptoLocker Ransomware Information Guide and FAQ

CryptorBit and HowDecrypt Information Guide and FAQ

CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ

Downloads

Latest
Most Downloaded

Qualys BrowserCheck

STOPDecrypter

AuroraDecrypter

FilesLockerDecrypter

AdwCleaner

ComboFix

RKill

Junkware Removal Tool

Deals

Categories

eLearning

IT Certification Courses

Gear + Gadgets

Security

VPNs

Popular

Best VPNs

How to change IP address

Access the dark web safely

Best VPN for YouTube

Forums
More

Startup Database
Uninstall Database
Glossary
Chat on Discord
Send us a Tip!
Welcome Guide

HomeNewsSecurityMan behind in-flight Evil Twin WiFi attacks gets 7 years in prison

Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison

By Bill Toulas

November 28, 2025
01:25 PM
0

A 44-year-old man was sentenced to seven years and four months in prison for operating an “evil twin” WiFi network to steal the data of unsuspecting travelers during flights and at various airports across Australia.
The man, an Australian national, was charged in July 2024 after Australian authorities had confiscated his equipment in April and confirmed that he was engaging in malicious activities during domestic flights and at airports in Perth, Melbourne, and Adelaide.
Specifically, the man was setting up an access point with a ‘WiFi Pineapple’ portable wireless access device and used the same name (SSID) for the rogue wireless network as the legitimate ones in airports.

Users connecting to the malicious access point were directed to a phishing webpage that stole their social media account credentials.
The man used these credentials to access women's accounts to monitor their communications and steal private images and videos.
"Forensic analysis of data and the seized devices identified thousands of intimate images and videos, personal credentials belonging to other people, and records of fraudulent WiFi pages," the Australian Federal Police (AFP) says.
"The day after the search warrant, the man deleted 1752 items from his account on a data storage application and unsuccessfully tried to remotely wipe his mobile phone."
After seizing his luggage on April 19, 2024, the man obtained unauthorized access to his employer’s laptop to access information on confidential meetings between his employer and AFP’s investigators.
Eventually, the man pleaded guilty to:
Five counts of causing unauthorized access or modification of restricted data
Three counts of attempting to cause unauthorized access or modification of restricted data
One count of stealing
Two counts of unauthorized impairment of electronic communication
One count of possessing or controlling data with the intent to commit a serious offense
One count of failure to comply with an order under section 3LA(2)
Two counts of attempted destruction of evidence
AFP Commander Renee Colley warned the public about the risks of free WiFi, advising the use of virtual private networks (VPNs), strong passwords, and disabling file-sharing and automatic WiFi connectivity.
“Evil twin” WiFi attacks are not common in the wild, but they are practically possible and may go unnoticed and unreported in public spaces.
Captive portals on free WiFi access points should be treated with extra caution and dismissed when requesting personal account information for logging in.

Break down IAM silos like Bitpanda, KnowBe4, and PathAI
Broken IAM isn't just an IT problem - the impact ripples across your whole business.
This practical guide covers why traditional IAM practices fail to keep up with modern demands, examples of what "good" IAM looks like, and a simple checklist for building a scalable strategy.
Get the guide

Related Articles:
Microsoft sued for allegedly tricking millions into Copilot M365 subscriptionsFCC rolls back cybersecurity rules for telcos, despite state-hacking risksRussian bulletproof hosting provider sanctioned over ransomware tiesFive plead guilty to helping North Koreans infiltrate US firmsData breach at major Swedish software supplier impacts 1.5 million

Australia
Australian Federal Police
Evil Twin
Legal
Prison
WiFi

Bill Toulas
Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.

Previous Article
Next Article

Popular Stories

Microsoft: Exchange Online outage blocks access to Outlook mailboxes

Code beautifiers expose credentials from banks, govt, tech orgs

GreyNoise launches free scanner to check if you're part of a botnet

Sponsor Posts

CMMC Made Simple. Get audit-ready with Huntress—faster, easier, and more affordable.

Review of Passwork: Affordable Enterprise-Grade Password Manager

WSUS can’t keep up in a remote-first world. Cloud-native patching fixes what VPNs never could

Overdue a password health-check? Audit your Active Directory for free

Upcoming Webinar

Main Sections

News
VPN Buyer Guides
SysAdmin Software Guides
Downloads
Virus Removal Guides
Tutorials
Startup Database
Uninstall Database
Glossary

Community

Forums
Forum Rules
Chat

Useful Resources

Welcome Guide
Sitemap

Company

About BleepingComputer
Contact Us
Send us a Tip!
Advertising
Write for BleepingComputer
Social & Feeds
Changelog

Username

Password

Remember Me

Not a member yet? Register Now

Reporter

Help us understand the problem. What is going on with this comment?

Spam

Abusive or Harmful

Inappropriate content

Strong language

Other

Read our posting guidelinese to learn what content is prohibited.

Submitting...
SUBMIT

This document details the case of a 44-year-old Australian man convicted of operating “evil twin” WiFi networks to steal personal data from unsuspecting travelers and, more seriously, access his employer’s information. The incident, which occurred between April 2024 and November 2025, involved the man setting up a rogue WiFi access point mirroring the legitimate networks found in airports and utilizing a “WiFi Pineapple” device. His intent was to capture credentials from users connecting to this simulated network, specifically targeting women’s accounts to gain access to their communication and imagery.

The man’s actions constituted a serious breach of security and involved multiple criminal offenses, as investigated and prosecuted by the Australian Federal Police (AFP). Forensic analysis of his seized devices revealed the theft of thousands of intimate images and videos, personal credentials belonging to other individuals, and records of fraudulent WiFi capture pages. Notably, the individual attempted to delete evidence, including 1752 data items from a cloud storage application and unsuccessfully tried to remotely wipe his mobile phone, immediately after being informed of the search warrant. Even more concerning, he gained unauthorized access to his employer’s laptop, gaining his way into confidential meetings between his employer and the AFP investigators. This act of espionage further compounded the severity of his crimes and resulted in charges including causing unauthorized access to restricted data, attempting unauthorized access, stealing, unauthorized impairment of electronic communication, and possessing evidence with intent to obstruct a criminal investigation.

The AFP Commander, Renee Colley, issued a public warning, emphasizing the risks associated with free WiFi networks, urging users to implement preventative measures such as utilizing virtual private networks (VPNs), establishing strong passwords, and disabling automatic WiFi connectivity and file-sharing features. The case highlights the prevalence of "evil twin" attacks, demonstrating that while relatively rare, they are technically feasible and pose a significant threat, particularly in public environments where individuals may be vulnerable to sophisticated deception.

The resolution of this case underscores the importance of vigilance and proactive security practices when utilizing public WiFi networks. It also emphasizes the potential for malicious actors to exploit seemingly innocuous services for criminal purposes, with severe consequences for those involved. The man received a seven-year and four-month prison sentence, reflecting the gravity of his offenses, including the attempted espionage, theft of data, and obstruction of justice. The AFP’s investigation and prosecution serve as a stark reminder of the ongoing need for robust cybersecurity defenses and diligent user awareness in the face of evolving digital threats.