Business executive are being warned that criminals are using hotel Wi-Fi networks to hack the devices of travelers with the hope of gaining access to a company's sensitive information.
According to a new report from Kapersky Lab, a Russian-based Internet security firm, released on Monday, the so-called "dark hotel" tricks hotel Wi-Fi users into downloading malicious software that appears to be a legitimate software update.
The firm has reported an increasing number of alarming breaches in hotel guest security since last January.
DarkHotel operates by placing phony software content updates on hotel guests' computers so they are tricked into downloading a Trojan file. The updates can look like they originate from commonly used programs like Adobe, Google or Windows.
Once installed, DarkHotel's software acts like a spy, transmitting the user's sensitive information like passwords, personal information and even access to an entire corporate network.
“Every day this is getting bigger and bigger,” Costin Raiu, manager of Kaspersky’s Global Research and Analysis Team, told Wired. “They’re doing more and more hotels.”
The majority of attacks have hit Asian hotels but there are several in the U.S. Kapersky will not name the hotels but says it is working with law enforcement and victims of the hackers.
Most alarming, the attacks extend beyond private corporate interests.The report details that the hackers have not only been systematically targeting company executives but also government agency officials. So far, primary targets appear to have been individuals from North Korea, Japan, and India.
“Their targeting is nuclear themed, but they also target the defense industry base in the U.S. and important executives from around the world in all sectors having to do with economic development and investments,” Raiu told Wired.
It's unclear who is behind it, but research indicates that DarkHotel may have origins in South Korea.
The software security firm also does not know exactly how many hotels have been hit or how the hackers gain access to the server. They did note that many hotels require guests to enter their name or room number to log into the Wi-Fi network, further compromising security.
So what does this mean for high-level hotel guests?
Kapersky offers a comprehensive guide on cyber safety. Some guests may opt not to download any new software when browsing the web on a foreign server. Wired recommends never updating directly from a pop up and checking for updates on a vendor site.
But if that site has already been compromised by Dark Hotel, you might not know.