Cats and Dogs Used to Expose Your Home WiFi Network Vulnerabilities

Forget WarDriving because now domestic cats (“War Kittehs“) and dogs (“Denial of Service Dog“) can be hackers too. Security expert Gene Bransfield from Tenacity Solutions told the DEFCON 22 conference in Las Vegas this weekend that he’d adapted a special cat collar to help uncover open or unsecure home wifi networks in his local area.

In case anybody doesn’t know, WarDriving is essentially the act of driving around and hunting for any open or exploitable wifi wireless networks, which can then be abused. The practice is arguably less common now because more and more home routers come with a good level of security encryption enabled by default (e.g. WPA2), although there are still plenty of people who use the old WEP method or simply leave their network completely open and thus exposed.

But what if you’re an incredibly lazy WarDriver / hacker and want to save time? Well the answer is an obvious one, weaponize your pets to do the job for you! Apparently Bransfield first hit upon the idea during an early presentation after one of his audience members offered to lend him their GPS-equipped cat tracking collar.

Such GPS devices are becoming increasingly common because cats often go AFK for long periods, although ours usually gets her two front paws stuck in the collar (quite entertaining) or somehow manages to eat the strap off. But apparently some cats are more amenable and so Bransfield hit upon his idea.

Gene Bransfield, Tenacity Solutions, said:

“Me being the guy I am, I thought “All you need now is a WiFi sniffing device and you’d have a War Kitteh.” I attended another conference and someone brought their dog. The dog was loaded down with a doggie backpack containing WiFi hotspots. They called it a WiFi Service Dog. I observed that if you loaded the backpack with different equipment (e.g. a Pineapple) you could create a Denial of Service Dog.”

After this Bransfield gave his cat, Coco, just such a collar and promptly sent her off to patrol the local neighbourhood, including peeing on peoples bushes, pooing in the next door neighbours garden without burying the result and of course to track local WiFi signals and record which were open or protected by weak security.

Sure enough the cat later returned 3 hours later with a suitably useful payload of GPS and wifi data, plus we suspect one dead mouse (aka – a “gift” that cat owners rarely appreciate as much as their pet would like) and muddy paws. Unfortunately the data revealed that many of Bransfield’s neighbours had some very unsecure wifi networks.

Admittedly it’s difficult to see hackers adopting this approach on mass, not least due to the cost of keeping cats and the difficulty of recapturing them (even with GPS tracking enabled). Never the less Bransfield remarked that “cats are more interesting to people than information security” and thus a good way of raising awareness about such matters.