Steve Ruddock wrote an article the other week on OnlinePokerReport describing how the geo-location process differs in New Jersey compared to Nevada as it relates to iGaming. In Nevada cell phone triangulation is used, which works fine there as the population areas are not close to the state’s borders. However, with New Jersey as populous as it is and with major cities bordering other states cell phone triangulation may not be effective. Instead New Jersey is using wi-fi geo-location in order to verify player’s location. This fact interested me and I began to research methods to evade or spoof wi-fi geo-location. My research took me to this site where the author gave an overview on how to spoof wi-fi geo-location demonstrating it on Google Maps. Much of what I am writing here is based on his article, I have just added an iGaming perspective. My understanding is one of the methods that wi-fi geo-location works is by examining the wireless networks that are in close proximity to the user. It then compares this with a database containing known wireless networks. Well, what if we could spoof what wireless networks were around us? Perhaps we could make the geo-location think we were somewhere else. In order to do this we need two tools. • Aircrack-ng • Mdk3 First we need to turn our wireless card into monitor mode. The easiest way to do this is using the aircrack suite as seen in the figure below.
Then we will use mdk3 to perform a beacon flood which sends beacon frames to show fake APs at clients. Of course we want these fake AP’s to be actual wireless networks in New Jersey. In order to get a listing of known wireless networks in a specific geographic location you can use WiGLE.
You can either query the networks through the website or you can use a python script that I found on the Internet.
Whichever method you want to have a file with the MAC addresses of the AP’s and the SSID. Before we go ahead and run mdk3 lets go to Google Maps to get our current location.
As you can see Google Maps has pinpointed our location to my office in Virginia. Now let’s go ahead and run mdk3 to send out fake beacons.
Let the tool run for about a minute and then go back to Google Maps and check your current location. As you can see it believes I am now located in Atlantic City.
What does this prove? That in some cases wi-fi geo-location can be spoofed and in this example with Google Maps and the method they use it appears to have been successful. Now I am sure that as it relates to iGaming there are other controls in-place that would prevent this simple attack. Prior to the iGaming sites being put into production they underwent rigorous testing and geo-location was definitely part of that testing. However, it is probably something I will look closer at and I will be sure to report back if that is not the case.