A group of hackers known as “DarkHotel” have perfected the act of targeting high profile guests (CEOs, senior vice presidents, sales and marketing directors) staying in well-known hotels. The hackers gain access to the target’s computer by creating a pop-up disguised as a well-known application, such as Adobe, claiming there is a new update that must be installed. The unsuspecting victim will then accept the download, and in turn gives the hackers access to steal information from their computers and use it to compromise the company the victim works for. To perfectly execute the attack, these sophisticated attackers will lurk on the hotel’s network for days leading up to the target’s check-in, upload their malware before the guest arrives, and delete it days after their departure to clear any trace of the attack.
Although this threat has been active since at least 2010, these hackers have begun to focus on the United States, meaning those that travel for work are at a higher risk to have their computers affected by this malware. Hotels, even the luxurious ones, aren’t necessarily safe cybersecurity-wise. Public computers used by visitors to access the internet are often equipped with unsupervised software and can occasionally contain malware. It is extremely dangerous to access any sensitive data when connected to a public network.
To keep yourself safe from any potential malware, consider the following:
- Ensure operating systems are up to date. New updates come out frequently for operating systems, so for traveler’s laptops, enable automatic Windows updates.
- Update all 3rd party software apps. This means everything that is being used — programs for company use, recreational use, and security solutions.
- Consider deploying a security tool that uses application whitelisting as its primary method of malware detection. With application whitelisting, unknown files are blocked from executing until they can be tested and proven safe.
- Install quality Internet security software: make sure it includes proactive defense against new threats rather than just basic antivirus protection.
- Choose a Virtual Private Network (VPN) provider – you will get an encrypted communication channel when accessing public or semi-public Wi-Fi.
- When traveling, always regard software updates as suspicious. Confirm that the proposed update installer is signed by the appropriate vendor.
- Make sure your Internet security solution includes proactive defense against new threats rather than just basic antivirus protection.
Source: KnowBe4.com, Kaspersky Lab
For more information, check out Hackers are Targeting Hotel Wi-Fi with Particularly Evil Malware and Spear Phishing and The Story of Darkhotel