Corporate executives traveling in Asia may need to be extra cautions the next time they connect to a hotel’s Wi-Fi network — that is, if they haven’t already been hacked.A seven-year-old cyber espionage campaign has targeted senior level executives from large global companies by using a specialized Advanced Persistent Threat (APT), zero-day exploits, and well-developed keyloggers to extract information from them when they stay in luxury hotels during their business trips.
Over the last four years, malicious hackers have been stealing data from company executives while they stay in luxury hotels in an attack known as “Darkhotel,” security research firm Kaspersky Lab revealed on Monday. The hackers gain access to executives’ computers when they connect to a hotel’s wireless Internet, the report said, though no specific hotels are named.
When the target executives connect their devices to the hotel’s Wi-Fi or wired Internet access, they are shown bogus software updates, typically something that looks legitimate, for Adobe Flash, Google Toolbar, or Windows Messenger. But these updates also contain a type of malware called a Trojan dropper bundled with more malware.
The DarkHotel malware operating group have also recently stolen third-party certificates to sign their malware.
In order to protect your device, the easiest way for you is to avoid connecting to hotel Wi-Fi networks or to any other public or untrusted networks, and instead, use your mobile device hotspot to get access to the Internet.