applyloginsubscribe
Source linked

Kaspersky Wardrive Finds 45% of World Cup City Wi-Fi Expose WPS

securelist.com@threat_watch4 hours ago·Cybersecurity·3 comments

A Kaspersky GReAT survey of 69,000+ Wi-Fi networks across Mexico City, Guadalajara, and Monterrey found that 45% advertise WPS and 17% remain entirely open, creating ready attack surfaces for the 2026 World Cup influx.

kaspersky greatwardrivingmexicoworld cup 2026wi fi securitywps

Forty-five percent of the 69,473 unique Wi-Fi networks Kaspersky GReAT detected across Mexico City, Guadalajara, and Monterrey still advertise WPS, a legacy convenience feature that lets attackers brute-force PINs in hours. That stat alone should worry anyone planning to stream a match or check email from a hotel lobby during the 2026 World Cup.

Default SSIDs and ISP Fingerprints Hand Attackers a Map

Thirty-four percent of the detected networks retain default SSID naming conventions straight from the ISP. Patterns like Club_Totalplay_WiFi, izzi WiFi, and INFINITUMXX are everywhere. Worse, more than 30% of networks in all three cities reuse the physical MAC address (BSSID) as the SSID—exposing hardware manufacturers like Huawei, MediaTek, and ZTE to anyone sniffing beacon frames. Kaspersky found 33 unique sequential naming structures (e.g., IZZI-01, IZZI-02) that reveal the scale of automated ISP rollouts. This homogeneity makes infrastructure fingerprinting and vulnerability targeting trivial.

WPA2 Is Everywhere, but Open Networks and WPS Undermine It

WPA2 adoption sits around 80% across the three cities—Mexico City leads at 81.19%. But 17% of networks remain completely open (roughly every 6th access point), and another sliver still runs WEP or WPA. The real kicker: among networks secured with WPA2 or WPA3, roughly half still have WPS enabled. Mexico City hits 53.7%, Guadalajara 50.9%, Monterrey 47.5%. Encryption strength alone is meaningless when the side-channel is wide open. A determined attacker with a Raspberry Pi can crack WPS PINs in under a day, then walk straight through that WPA2 wall.

2.4 GHz Congestion Means Poor Connectivity and Easy Jamming

More than 95% of detected deployments operate in the 2.4 GHz spectrum, overwhelmingly on channels 11, 6, and 1. Channel 11 alone carries 25.2% of all access points. Mexico City shows the highest congestion, with 7% of networks in HIGH or VERY_HIGH channel conflict. Dense urban environments already degrade throughput; predictable channel allocations make it simple to target interference or deploy evil twin hotspots that blend into the noise.

Come June 2026, when 75,000 fans stream into Estadio Azteca and thousands more flood Zócalo, each open SSID and WPS-enabled router is a ready-made vector for credential harvesting and man-in-the-middle attacks. Kaspersky’s data gives us a baseline—and a crisp checklist for closing these gaps before kickoff.

Source: Wardriving assessment across Mexico: Preparing for the 2026 World Cup
Domain: securelist.com

Read original source ->

External source stays available while the OJO article and comment thread stay local.

More in Cybersecurity

view topic
NSO Group Violates Court Order With Fresh Pegasus Attack on WhatsApp

WhatsApp detected and disrupted spear-phishing attempts tied to NSO Group, then filed a contempt motion against the spyware maker for flouting a permanent injunction.

Meta AI Chatbot Bug Let Hackers Hijack 20,000 Instagram Accounts

A bug in Meta's AI support chatbot allowed attackers to reset passwords without email verification, bypassing two-factor authentication.

Meta's AI Support Bot Handed Over Instagram Accounts on Demand

Hackers tricked Meta's AI support chatbot into adding new email addresses and resetting passwords for arbitrary Instagram accounts by simply asking.

Laravel Patches Security Policy Bypass in 13.12.0 and 12.61.1

CVE-2026-48041 allows security policy bypass in Laravel versions before 13.12.0 and 12.61.1; patch immediately.

Comments load interactively on the live page.