Security Researcher Fined for Hacking Hotel WiFi
A Chinese Security Researcher is fined with SGD $5000 (nearly $3600) by Singapore Authorities for Hacking into Hotel’s WiFi without any authorization and then revealing passwords of hotel’s internal network via Blog Post.
It all happened at the end of August 2018 when Zheng Dutao of China, visited Singapore to attend the conference “Hack In The Box.”
Zheng took it upon himself, without requesting authorization first, to hack into the WiFi system of a Fragrance Hotel branch, where he checked in for the conference duration.
The security researchers, who work for Chinese web mammoth Tencent, hacked into the Hotel’s Internet Gateway framework, an AntLabs IG3100 gadget that controls access to the WiFi network for staff and visitors alike.
He found that the gadget was utilizing a factory default Telnet password, which he used to access a constrained shell on the device.
From here, he utilized different contents and endeavors to raise his entrance and in the end found the password for a MySQL database that contained data on the lodging’s inward Wi-Fi network.
The security researchers didn’t report the security issues to the lodging yet rather composed a Blog Post about his discoveries, which he later shared on the web.
Zheng didn’t harm lodging’s WiFi system however he likewise didn’t take any precaution to suppress sensitive data from his blog, uncovering the inn’s Telnet and MySQL passwords.
The Cyber Security Agency of Singapore (CSA) found Zheng’s blog days after the fact, cautioned the lodging, and arrested the specialist.
In the event that the court hadn’t finished up he hacked the inn as a leisure activity and in light of no criminal goal, Zheng would have confronted a substantially harsher punishment that could have arrived in him in jail for up to ten years.