Recent research from Kapersky Lab details how hackers infiltrate high end hotels' networks targeting guests' devices and computers.
How does it work?
"The infiltration is disturbingly simple. It begins after check-in, the victim connects to the hotel Wi-Fi network, submitting his room number and surname at the login. The attackers see him in the compromised network and trick him into downloading and installing a backdoor that pretends to be an update for legitimate software — Google Toolbar, Adobe Flash or Windows Messenger. The unsuspecting executive downloads this hotel “welcome package”, only to infect his machine with a backdoor, DarkHotel’s spying software." (from Cucumber Tony)
From there, the possibilities are incredibly dangerous. There are cases of trojan viruses being installed on unsuspecting machines that collect all keystrokes and information on the device and silently send the data back to the hackers.
How do I protect myself, you may ask? Here's a few quick suggestions:
- Make sure your Internet security solution includes proactive defense against new threats rather than just basic antivirus protection
- Choose a Virtual Private Network (VPN) provider — you will get an encrypted communication channel when accessing public or semi-public Wi-Fi
- When traveling always regard software updates as suspicious - confirm that the proposed update installer is signed by the appropriate vendor