Darkhotel bug spying on high-profile business travellers

The scheme has been in action for four years
The scheme has been in action for four years

High-profile business travellers signing onto Wi-Fi in luxury hotels could have had data stolen under a ‘Darkhotel’ spying campaign, according to one of the world’s IT security companies.

Research by Kaspersky Lab found data has been stolen from corporate executives staying in hotels for the last four years, most recently targeting executives from the US and Asia travelling and investing in the APAC region.

The group trick users to download and install a system disguised as legitimate software such as Google Toolbar or Adobe Flash once they have logged into the Wi-Fi network with their name and room number.

Thinking they need the software to continue, the executive downloads the ‘welcome package’ from the hotel to then be spied on and have information taken from keystrokes, cached passwords, email and social media networks. They then delete their tools and ‘go back into hiding’.

“For the past few years, a strong actor named Darkhotel has performed a number of successful attacks against high-profile individuals, employing methods and techniques that go well beyond typical cybercriminal behaviour,” said Kurt Baumgartner, Principal Security Researcher at Kaspersky Lab.

The firm is now working with organisations to mitigate the problem.

 

Worried about being subject to Darkhotel? Follow these tips

  • View any public or semi-public network as potentially dangerous
  • Choose a Virtual Private Network (VPN) provider as it is encrypted
  • Regard software updates as suspicious when you are travelling. Check the appropriate vendor has signed the update installer.
  • Make sure the security settings on your internet security solution are strong as well as anti-virus protection

Comments are closed.