Business executives visiting luxury hotels in Asia have been infected with malware delivered over public Wi-Fi networks, Russian security firm Kaspersky Lab has discovered. Kaspersky, which nicknamed the attack “Darkhotel,” declined to name specific hotels or guests who were victims of the attack, saying the investigation was ongoing. The company said it was working with law enforcement.
The hackers managed to tweak their code to ensure that only machines belonging to specific targets were infected, not all visitors’ PCs, and may have included state-sponsored hacking. They also seemed to have advance knowledge of their victims’ whereabouts and which hotels they would be visiting, Kaspersky said. Operating methodically — almost as though they have a hit list — the hackers never target the same person twice, Costin Raiu, director of global research and analysis at Kaspersky Lab, told ABC News.
"It seems to us that the main focus is to get further access into their networks," Raiu said of the incidents. "Perhaps the executives are not exactly the primary target," he said. "Of course these guys happen to have interesting information, but I believe the attackers want to look deeper into these companies."
After connecting to an infected hotel network, travelers are asked to install seemingly legitimate updates to products such as Adobe Flash and Google Toolbar, but actually contain infected software. That allowed attackers to figure out which victims were most significant and download additional malware. After the attack, the hackers would harvest cached and stored passwords, the Wall Street Journal reports. Hackers cover their tracks by deleting these tools off hotel networks afterward.
In 2012, the FBI issued a general warning to U.S. government officials, businessmen and academics, advising them to use caution when updating computer software via hotel Internet connections when traveling abroad, Reuters reports. Kaspersky's report goes further in detailing the scale, methods and precise targeting of these attacks on top business travelers.