Hello

Like Baldrick, I have a cunning plan and would like the opinion of seasoned hackers (being my blackhatter blackadders I suppose) on the viability of this plan. Expect this post will breach the terms and conditions I couldn't be fucked to read.

TLDR it's a multiple angle social engineering credential steal that relies heavily on the stupidity of normal users.

• Set up AP in heavily trafficked location with captive portal "free wifi" (relying on user stupidity)
• Get user to install certificate on device as part of captive portal signup process (relying on user stupidity)
• Use cert for SSL decryption, attempt to sniff an email address from decrypted traffic
• Send email address with cloned and legitimate appearing (with decent grammar, perhaps?) email requestion login to paypal to confirm change to account (fabricated, relying heavily on spam filter being shite and user stupidity)
• host cloned site and have DNS redirection in place on AP to point to cloned site
• use modified cloned paypal site to walk user through disabling MFA (relying heavily on user stupidity)
• quickly use paypal account with stolen credentials to purchase crypto or gift cards
• launder in usual fashion

Relying too heavily on stupid users? I reckon your average Joe would fall for it hook line and sinker.

At this point it would be much easier to just spread Windows malware like what's already being done with Redline.

The appeal is that once it's on the wallet I can effectively dispose of the hardware and having done it in public it will be nigh impossible to trace back to me in person.

Yeah if you have a captive portal just get them to run an executable/install an app, it's way easier. Maybe you shouldn't commit crimes that close to the area where you live though; you don't shit where you eat