The Zombie Network: Beware 'Free Public WiFi'

October 9, 2010

Travis Larchuk

Download Story

It's in your airports, your coffee shops and your libraries: "Free Public WiFi."

Despite its enticing name, the network, available in thousands of locations across the United States, does not actually provide access to the Internet. But like a virus, it has spread -- and may even be lurking on your computer right now.

Wireless security expert Joshua Wright first noticed it about four years ago at an airport.

"I went to connect to an available wireless network and I saw this option, Free Public WiFi," he remembers. "As I looked more and more, I saw this in more and more locations. And I was aware from my job and analysis in the field that this wasn't a sanctioned, provisioned wireless network, but it was actually something rogue."

Free Public WiFi isn't set up like most wireless networks people use to get to the Internet. Instead, it's an "ad hoc" network -- meaning when a user selects it, he or she isn't connecting to a router or hot spot, but rather directly to someone else's computer in the area.

Though it doesn't actually provide Internet access, the network has spread across the country thanks to an old Windows XP bug.

How It Works

When a computer running an older version of XP can't find any of its "favorite" wireless networks, it will automatically create an ad hoc network with the same name as the last one it connected to -– in this case, "Free Public WiFi." Other computers within range of that new ad hoc network can see it, luring other users to connect. And who can resist the word "free?"

Not a lot of people, judging from the spread of Free Public WiFi. Computers with the XP bug that try to connect to the Internet will remember the name, create their own ad hoc networks and entice other users wherever they go.

Microsoft is aware of the issue and says it has eliminated the network in more recent versions of Windows. It also created a fix to the problem for the older version of Windows XP -- Windows XP Service Pack 3 -- but many people still haven't updated their computers.

That means, Wright says, the network continues to spread across the country like something from a horror movie -- the kind "where a zombie takes a hold of one person, bites them and they become infected by this zombie virus."

It's not the only zombie network out there, either. Others you may have seen go by such alluring names as "linksys," "hpsetup," "tmobile" or "default."

A Trick That's A Treat For Hackers

No one knows for sure where Free Public WiFi began. One theory, Wright says, is that someone may have set it up as a joke. It might have been created to trick a friend into connecting "so he would get a Web page with some kind of a gross image or childish prank."

Unintentionally creating or connecting to the ad hoc network isn't inherently harmful, despite its virus-like spread. It does, however, provide an access point for hackers to come in and check out the user's files.

Part of Wright's job is to hack into a company's wireless network in order to expose vulnerabilities. When he sees Free Public WiFi, he says, "we break out the champagne."

"Because I know at that point I will be able to get unlimited access to internal resources just from that one starting point." Copyright 2010 National Public Radio. To see more, visit http://www.npr.org/.