The hackers were out in force and trying new tools at DefCon 12, the yearly underground hacking convention in Las Vegas last week, AirDefense says.

The Atlanta firm, which provides wireless network security and monitoring, reports that “data injection” and network manipulation tools were in use rather than “sniffing” at the event.

“The types of attacks we are seeing are increasingly more sophisticated than those of years past,” says Richard Rushing, chief security officer of AirDefense, in a statement. “Whereas last year we noted basic denial of service and MAC spoofing attacks, this year hackers have moved on to what we refer to as level three attacks, where hackers are actually injecting traffic into the network and manipulating data.”

The company says attendees surfing the web sometimes received images and data that they had not requested.

AirDefense also notes another kind of attack — a “Developer’s Kit Denial of Service (DoS)” — which it says includes modifying network cards to knock people off a network, prevent others from sending data, or take control of a network. Data is sent from the PC without having to receive a signal from a network access point, the company says.

AirDefense routinely monitors networks at conventions and other events then reports on trends in hacker attacks.

For other AirDefense analysis, see: