Is it possible for hackers hack my PC by creating fake AP that my PC probed

Question

I heard that hackers can create fake AP that my PC is probing. As soon as my PC found the Fake AP, it will connect automatically. So

1. To clarify, is it possible for hackers create the Fake AP that my PC is Probing, if they knew the type of security (Wpa/Wep) and the password for the genuine AP (Common; library wifi or Restaurant wifi that i had been using previously).

2. Is it possible for hackers to break in my PC while using the fake AP.

So basically, it is type of hacking other PC unconnected to any wifi. Is there such a thing?

Answer 1

If they know the SSID and the password then yes they can create a rogue AP that your PC will connect to. As to the possibility of a "hack", there is a provision in Windows (and a similar feature in other OSes) to designate certain networks as trusted or untrusted. This causes the local firewall to choose looser or more strict settings, respectively. It is a good idea to implement this if you are connecting to public WiFi, which will protect your PC from basic intrusions. There is still the chance that a sophisticated attacker can intercept your communication and perform a complex man-in-the-middle, and the only way to guard against that is to use a well configured VPN session any time you are connected to a WiFi access point you don't fully control.

Answer 2

It is possible to set up a wireless access point that has the same SSID ("name") like your private router. This way your PC could automatically connect to the attackers network. From this point it is easy to sniff all unencrypted data that is sent over the network. Also the attack vector for remote exploits is much greater when the attacker is in the same network.