There are a number of articles and warnings about executives being hacked on shared wi-fi, including in luxury hotels, especially in the APAC region.
Dubbed ‘Darkhotel’ by Kaspersky, the attackers infiltrate luxury hotels’ wi-fi to steal sensitive corporate data from travelling executives.
Targeted businesspeople connect to the hotel wi-fi and are prompted to download fake updates for programs such as Google Toolbar, Adobe Flash and Windows Messenger. Once downloaded, the backdoor installs an advanced keylogger, an information-stealing module and the Trojan ‘Karba’.
Once installed, these applications start looking for private information, cached passwords and login credentials. The attackers then delete these hacking tools to avoid suspicion.
A representative from Kaspersky said the attackers have “operational competence, mathematical and crypto-analytical offensive capabilities, and other resources that are sufficient to abuse trusted commercial networks and target specific victim categories with strategic precision”.
This malware can also be spread through peer-to-peer or file-sharing networks. It’s estimated that Darkhotel has been downloaded over 30,000 times in the last six months.
To date, the majority of these infections were identified in Japan, Taiwan, Russia, China and Hong Kong.
Kaspersky principal security researcher, Kurt Baumgartner, said these attacks are becoming more common: “Targeted attacks are used to compromise high profile victims, and botnet-style operations are used for mass surveillance or performing other tasks such as DDoSing hostile parties or simply upgrading interesting victims to more sophisticated espionage tools.”
To avoid attacks:
1. Never install or accept software you are not sure about. If you are in doubt, call Sterling IT and we will quickly confirm the legitimacy of the application or pop-up.
2. Use a phone company internet connection, such as Vodafone, Telstra or Optus 3G/4G USB or pocket wi-fi cards, instead of shared services.
3. Ensure your antivirus is up to date.
4. NEVER open unexpected emails that contain links or attachments.