Business execs warned against the ‘darkhotel’ | Inquirer Technology

Business execs warned against the ‘darkhotel’

By: - NewsLab Lead / @MSantosINQ
/ 01:44 PM November 13, 2014

MANILA, Philippines – Business executives booked in hotels beware.

A group of cybercriminals has been stealing confidential information through the WiFi network, according to an international computer security company.

Kaspersky Lab’s Global Research and Analysis Team called the cybercriminals as “Darkhotel” and added that they have been doing this “espionage campaign” as early as August 2010 by victimizing top officials of corporations who hold sensitive and confidential data in their computers.

Article continues after this advertisement

“For the past few years, a strong actor named Darkhotel has performed a number of successful attacks against high-profile individuals, employing methods and techniques that go well beyond typical cybercriminal behavior,” Kurt Baumgartner, Principal Security Researcher at Kaspersky Lab said in a recent statement.

FEATURED STORIES

“This threat actor has operational competence, mathematical and crypto-analytical offensive capabilities, and other resources that are sufficient to abuse trusted commercial networks and target specific victim categories with strategic precision,” he said.

Darkhotel Espionage Campaign

Screengrab from Kaspersky Lab Youtube account

Kasperksy said that about 90 percent of the infections appear to be located in Japan, Taiwan, China, Russia and South Korea … [and infections were also recorded] in the United States, the United Arab Emirates, Singapore, Kazakhstan, the Philippines, Hong Kong, India, Indonesia, Germany, Ireland, Mexico, Belgium, Serbia, Lebanon, Pakistan, Greece, Italy and others.

Article continues after this advertisement

Darkhotel operates by infecting the Wi-Fi networks of hotels which alerts the cybercriminals when their particular high-value target logs on using their room number and surname.

Article continues after this advertisement

“The attackers see him in the compromised network and trick him into downloading and installing a backdoor [malicious software] that pretends to be an update for legitimate software – Google Toolbar, Adobe Flash or Windows Messenger,” Kasperky said in their computer security advisory.

Article continues after this advertisement

The backdoor then allows the attackers to infect the executive’s computer further with information-stealing tools such as software that record what are being typed on the computer keyboard.

“These tools collect data about the system and the anti-malware software installed on it, steal all keystrokes, and hunt for cached passwords in Firefox, Chrome and Internet Explorer, Gmail Notifier, Twitter, Facebook, Yahoo! and Google login credentials, and other private information,” Kaspersky said.

Article continues after this advertisement

“Victims lose sensitive information – likely the intellectual property of the business entities they represent. After the operation, the attackers carefully delete their tools from the hotel network and go back into hiding,” it said.

Kaspersky recommended that any Wi-Fi network should be considered as potentially dangerous when a person travels. Also, any offers of downloads or software updates should be treated with extra caution and should be verified with the program vendor, if possible.

“These travelers are often top executives from a variety of industries doing business and outsourcing in the Asia-Pacific region. Targets have included CEOs, senior vice presidents, sales and marketing directors and top Research and Development staff,” Kaspersky said.
 

RELATED STORIES

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

9 common scams on social media 
 
Software firm discovers group conducting espionage 
 
Cybercriminals steal info from Facebook, other social media 

TOPICS: Business, Espionage, infotech, IT, Kaspersky Lab, security, technology, WiFi
TAGS: Business, Espionage, infotech, IT, Kaspersky Lab, security, technology, WiFi

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.