0

I have been using my android phone as a wifi hot spot for my laptop over the last few days so I can access the internet. I've been in a new location with no other personal devices nearby, and the hot spot has been on for extended hours over several days. I had WPA2 PSK security enabled for the hot spot.

Today I noticed that there was an extra device attached to the hot spot. I don't know when or how long they were connected. I turned the hot spot off and on again, and noticed that something connected again after some time. I changed my password to something much much stronger and the connection didn't appear again. As mentioned, I have WPA2 PSK enabled, but the password was not secure, probably brute-forcable from a list.

What could an attacker have done to my phone and laptop while they were connected to the hot spot? My phone runs a custom rom (Lineage) and the bootloader is unlocked. I wouldn't consider myself a target, although it is conceivable that I could be. Either way, the fact remains that someone cracked the password (I'll admit, it wasn't super secure to begin with) and connected for some reason.

Bamboo
  • 195
  • 1
  • 5
  • Are you absolutely certain you didn't connect a different device sometime in the past that remembered the connection details? It seems to be unlikely an attacker chose not only to attack your on-again-off-again hotspot, but also managed to crack the WPA2 password, which is non-trivial and requires certain hardware configurations. In either case, your security risk should be no different than that from any other network with unknown participants. If you have unprotected servers running on either device, any network member could have accessed them. – René Roth Jul 09 '21 at 11:15
  • There was nothing else anywhere near that could have seen the phone other than just the past week (I wasn't at home). The password was something that could probably be brute-forcable using a list... I'm actually really embarrassed about that part, I normally take security really seriously, but up until this week I rarely ever used a hot spot, so I didn't do it properly... – Bamboo Jul 09 '21 at 11:23
  • Also, the hotspot was on for extended hours in the same place over 4 days – Bamboo Jul 09 '21 at 11:25
  • "*I changed my password to something much much stronger and the connection didn't appear again.*" That would have been my first guess, an easily guessed password such as a common password or a variant of your SSID. – user10216038 Jul 09 '21 at 17:12

0 Answers0