Kaspersky Uncovers “Darkhotel” WiFi Hacking Campaign

0

The security firm released a new report detailing why executives traveling in Asia might not want to log in to their hotel’s wireless network.

Kaspersky Uncovers "Darkhotel" WiFi Hacking Campaign

The so-called “Darkhotel” espionage campaign has been running for four years, stealing sensitive data from traveling corporate executives staying at luxury hotels in Asia. Kaspersky has studied the threat and released its findings today, as well as some tips on how to safeguard your internet security against such threats.

Despite 60% Loss On Shorts, Yarra Square Up 20% In 2020

Yarra Square Investing Greenhaven Road CapitalYarra Square Partners returned 19.5% net in 2020, outperforming its benchmark, the S&P 500, which returned 18.4% throughout the year. According to a copy of the firm's fourth-quarter and full-year letter to investors, which ValueWalk has been able to review, 2020 was a year of two halves for the investment manager. Q1 2021 hedge fund Read More


Darkhotel – How it works

Those behind Darkhotel wait for a victim to log in to a wireless network, submitting a room number and surname. They then prompt the user to install what appears to be a genuine update for common software, but is in fact a backdoor.

This backdoor software can then be used to collect data, record keystrokes, and extract cached passwords. Hackers often get away with sensitive information, including intellectual property, without the victim ever knowing.

“For the past few years, a strong actor named Darkhotel has performed a number of successful attacks against high-profile individuals, employing methods and techniques that go well beyond typical cybercriminal behavior,” said Kurt Baumgartner, principal security researcher at Kaspersky.

Sophisticated attackers

After stealing what they want, the hackers retreat from the network without leaving a trace.

“This threat actor has operational competence, mathematical and crypto-analytical offensive capabilities, and other resources that are sufficient to abuse trusted commercial networks and target specific victim categories with strategic precision,” Baumgartner said.

The attacks are concentrated in Japan, Taiwan, China, Russia and South Korea. Kaspersky has told travelers to be sure to log in to a Virtual Private Network (VPN) if they access public or semi-public Wi-Fi. The firm also suggests that any software updates should be treated as suspicious, and users should ensure that their antivirus package includes proactive defense rather than just basic antivirus protection.

Baumgartner has noticed an evolution in the modus operandi of hackers. “The mix of both targeted and indiscriminate attacks is becoming more and more common in the APT scene,” he said, “where targeted attacks are used to compromise high profile victims, and botnet-style operations are used for mass surveillance or performing other tasks such as DDoSing hostile parties or simply upgrading interesting victims to more sophisticated espionage tools.”

Previous article Suntrust Downgrades VistaPrint Limited from Buy to Neutral
Next article Apple Inc. To Open Retail Stores 8:00 AM On Black Friday
While studying economics, Brendan found himself comfortably falling down the rabbit hole of restaurant work, ultimately opening a consulting business and working as a private wine buyer. On a whim, he moved to China, and in his first week following a triumphant pub quiz victory, he found himself bleeding on the floor based on his arrogance. The same man who put him there offered him a job lecturing for the University of Wales in various sister universities throughout the Middle Kingdom. While primarily lecturing in descriptive and comparative statistics, Brendan simultaneously earned an Msc in Banking and International Finance from the University of Wales-Bangor. He's presently doing something he hates, respecting French people. Well, two, his wife and her mother in the lovely town of Antigua, Guatemala. <i>To contact Brendan or give him an exclusive, please contact him at [email protected]</i>

No posts to display