Hackers used hotel Wi-Fi to steal business executive's data, researchers say

Business executives visiting luxury hotels in Asia have been infected with malware delivered over public Wi-Fi networks, Russian security firm Kaspersky Lab has discovered. Kaspersky, which nicknamed the attack “Darkhotel,” declined to name specific hotels or guests who were victims of the attack, saying the investigation was ongoing. The company said it was working with law enforcement.

The hackers managed to tweak their code to ensure that only machines belonging to specific targets were infected, not all visitors’ PCs, and may have included state-sponsored hacking. They also seemed to have advance knowledge of their victims’ whereabouts and which hotels they would be visiting, Kaspersky said. Operating methodically — almost as though they have a hit list — the hackers never target the same person twice, Costin Raiu, director of global research and analysis at Kaspersky Lab, told ABC News.

"It seems to us that the main focus is to get further access into their networks," Raiu said of the incidents. "Perhaps the executives are not exactly the primary target," he said. "Of course these guys happen to have interesting information, but I believe the attackers want to look deeper into these companies."

FREE DAILY NEWSLETTER

Like this story? Subscribe to Operations & Technology!

Hospitality professionals turn to Operations & Technology as their go-to source for breaking news on guestrooms, food & beverage, hospitality and technology trends, management and more. Sign up today to get news and updates delivered to your inbox daily and read on the go.

After connecting to an infected hotel network, travelers are asked to install seemingly legitimate updates to products such as Adobe Flash and Google Toolbar, but actually contain infected software. That allowed attackers to figure out which victims were most significant and download additional malware. After the attack, the hackers would harvest cached and stored passwords, the Wall Street Journal reports. Hackers cover their tracks by deleting these tools off hotel networks afterward.

In 2012, the FBI issued a general warning to U.S. government officials, businessmen and academics, advising them to use caution when updating computer software via hotel Internet connections when traveling abroad, Reuters reports. Kaspersky's report goes further in detailing the scale, methods and precise targeting of these attacks on top business travelers.

Suggested Articles

As part of moving HITEC from June to October, the association plans to hold three other events in San Antonio at the same time.

The company’s COVID-19 Recovery Checklists Software can track progress and provide reporting for hotels.

During the series’ first installment, AAHOA focused on the impact COVID-19 is having on the industry and what AAHOA is doing to help.