Hackers are Using Hotel Wi-Fi to Spy on Guests and Steal Data and Money

This is one more reason why you always want to use a VPN, especially when traveling.

An advanced hacking and cyberespionage campaign against high-value targets has returned. The so-called ‘DarkHotel’ group has been active for over a decade, with a signature brand of cybercrime that targets business travellers with malware attacks, using the Wi-Fi in luxury hotels across the globe.

In short, the hackers find ways to infiltrate the hote’s wi-fi system so that they can see every bit of information that hotel guests are sending and receiving on (unencrypted) connections.

The hackers have much more sophisticated methods than just “wiretapping” into the wi-fi network. The usual method for the attack is to send carefully crafted phishing emails. When the recipient clicks on the email message, a self-extracting archive package, called winword.exe, is then executed and begins the Trojan downloader process.

Luckily, the problem is easy to avoid.

First, never use Windows as the trojan program only infects Windows systems. Instead, use a Macintosh, Chromebook, Linux, iPad, or Android device to read your email messages. The winword.exe trojan won’t affect those systems.

If you only have a Windows laptop, there is a simple solution: download a Linux LiveCD and use that. When in a hotel, insert the LiveCD and boot your computer up in Linux. The LiveCD won’t touch anything on your Windows system’s hard drive. Once finished, you boot down, remove the LiveCD, and continue using the Windows system as you always have,

This is a very simple and very effective solution. You can find a number of online articles that will explain the process by starting at: https://duckduckgo.com/?q=how+to+use+a+livecd&ia=web.

Next, always use a VPN. It appears that the hackers have to first identify a likely looking target: someone staying in an expensive, luxury hotel and paying by expense account. They can do that by “wiretapping” your wi-fi connection and reading your email messages as they are sent an received. By using an encrypted VPN connection stops the hackers in their tracks, they cannot read your messages, won’t know who you are or what messages you are sending and receiving.

The hackers cannot drain your bank account or charge things to your credit cards if they don’t know who you are and cannot see your bank account or credit card numbers.

Start at https://privacyblog.com/category/vpn-virtual-private-networking/ to find a large number of articles about VPNs.

3 thoughts on “Hackers are Using Hotel Wi-Fi to Spy on Guests and Steal Data and Money

  1. I don’t stay at high-end hotels but this raises a very basic question for me. Since the sign-in screen for email servers (gmail etc.) and most sites that deal with payments are httpS, why would you need a VPN on a Windows laptop or an android device? I’m sure I’m missing something obvious.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s