New Threat to Public Wi-Fi Users: Typhoid Adware

Photo taken by Simon Cataudo. (scataudo) There are no usage restrictions for this photo

A new strain of adware created by researchers at the University of Calgary demonstrates how easy it may be to infect untold numbers of computers signed on to public Wi-Fi networks.

Called Typhoid adware, the new threat is passed on to computers sharing an unsecured wireless connection, leaving the carrier computer's owner unaware that she has delivered malware to her neighbors. They in turn could be exposed to scams designed to access their personal information like credit cards and bank accounts.

Adware is a type of malware known for generating annoying pop-up ads.

Typhoid adware takes its name from Typhoid Mary, the first identified carrier of typhoid fever in the early 1900's. She denied she had infected more than 50 New Yorkers with the deadly disease.

"We're looking at a different variant of adware – Typhoid adware –which we haven't seen out there yet, but we believe could be a threat soon," said associate professor John Aycock, who co-authored a paper on the concept with assistant professor Mea Wang and students Daniel Medeiros Nunes de Castro and Eric Lin. The findings were presented recently at the EICAR IT-security conference in Paris.

Aycock told TechNewsDaily that because more and more people are using their laptops in public over wireless connections, he expects to see a lot more proximity-based attacks. "We're taking a proactive stance with our research and identifying the direction bad guys are going before we see the results of their work in the wild."

"Typhoid adware is designed for public places where people bring their laptops," Aycock said. "It's far more covert, displaying advertisements on computers that don't have the adware installed, not the ones that do."

Typhoid adware could be installed when a user clicks on a "carrier" link or email attachment. Aycock said it may be bundled with something else like a screensaver or toolbar download and the user will have no clue that her computer is now carrying a program to infect others. And true to the Typhoid analogy, computer users on the same network will have no idea their computers are displaying rogue ads.

Aycock and his team built Typhoid adware and demonstrated in their lab how it could broadcast rogue ads to neighboring computers. The infected computer sends a signal to other computers in the public network and intercepts the incoming signal, cleverly inserting its programmed ads into the videos and Web pages of unsuspecting laptop users nearby.

"Typhoid adware is sneaky," Aycock. " Everytime the computer carrying Typhoid adware connects to an unsecured Wi-Fi network, all computers in its vicinity are at risk." Meanwhile, the carrier sips her latté in peace – she sees no advertisements and doesn't know she is infected―just like symptomless Typhoid Mary.

So how can people protect themselves from Typhoid adware? Aycock's advice applies to this and most Internet security threats.

"Make sure the antivirus software you're running is up-to-date," he said. "Keep your [operating] system up-to-date, and always approach the Internet with a fair amount of skepticism."

Leslie Meredith
Leslie Meredith is a contributor to Live Science. She has a bachelor's degree from UCLA in psychology and has directed tourism and ski publications for the Salt Lake Visitor & Convention Bureau and managed promotions and events for Sunset Magazine.