New WiFi Vulnerability: The SSID Confusion Attack (top10vpn.com)
18 points by lis on May 15, 2024 | 8 comments


Isn't this a well known and old attack? There are even devices that can automate this, I think Pineapple WiFi. I'm surprised that a security researcher has not already heard of it.


I think the novelty is in getting WPA3 to downgrade.


Isn’t spoofed SSID an old attack? I couldn’t figure what’s new here.


It's a site called top10vpn. This is spam.


At least not intentionally, though I agree that the domain sounds spammy. I’ve found this on mastodon by Mathy Vanhoef: https://infosec.exchange/@vanhoefm/112440635423432857


As far as I can tell this attack only makes a client connect to the wrong network, by dynamically rewriting the SSIDs using a man in the middle.

So the attacker doesn't control the wrong network access point, they just make the client connect to it when it thinks it's connecting to something else.

It relies on both networks sharing the same credentials, and at the end, the attacker cannot man in the middle the connection itself. They have just forced the user to connect to a different network than intended.


That's what I thought when I read it too, not entirely clear what's new here.


CVE-2023-52424



