Skip to main content

Beware of hotel Wi-Fi — Russian hackers are stealing information from it

Hotel guests already have enough anxiety-inducing fodder to make their stays a bit less than desirable. From the odd stain on the carpet to the questionable bedspread to the toilet that just won’t stop flushing (or won’t flush at all), there are plenty of reasons to think twice about even the nicest of temporary residences. And now, there’s one more.

As per a new report from security firm FireEye, a Russian hacker group called APT28, or Fancy Bear, has been targeting hotel Wi-Fi networks to spy on guests. And in recent months, the group has reportedly begun to use a leaked NSA hacking tool to make their attacks more sophisticated still.

Recommended Videos

“FireEye has moderate confidence that a campaign targeting the hospitality sector is attributed to Russian actor APT28,” the firm wrote. “We believe this activity, which dates back to at least July 2017, was intended to target travelers to hotels throughout Europe and the Middle East.”

Please enable Javascript to view this content

Perhaps most alarming is the discovery that once hackers succeeded in tapping into hotel Wi-Fi, they managed to take guests’ usernames and passwords completely passively. In fact, guests didn’t even have to type in their sensitive data to have it stolen.

“It’s definitely a new technique,” Ben Read, the leader of FireEye’s espionage research team told Wired. “It’s a much more passive way to collect on people. You can just sit there and intercept stuff from the Wi-Fi traffic.”

FireEye believes that the hackers managed to infiltrate hotel networks via phishing emails that contained infected attachments and malicious Microsoft Word macros. Once they were in a hotel Wi-Fi network, they would then launch NSA hacking tool EternalBlue, which was leaked earlier in 2017. This tool allowed them to spread their control throughout the network, finally reaching servers responsible for the corporate and guest Wi-Fi networks.

Finally, APT28 is said to have used a network-hacking tool known as Responder, which gave them access to user credentials.

And if you think you can avoid these sorts of attacks by staying at nicer hotels, think again. “These were not super expensive places, but also not the Holiday Inn,” FireEye’s Read said. “They’re the type of hotel a distinguished visitor would stay in when they’re on corporate travel or diplomatic business.”

So what can you do to protect yourself? FireEye recommends bringing your own wireless hot spot to steer clear of hotel Wi-Fi altogether. Just another thing you’ll have to remember to pack for your next trip.

Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Watch out — there are fake AMD Ryzen 7 9800X3D CPUs on Amazon
A fake and real AMD Ryzen 7 9800X3D side by side.

Buying one of the best processors from a retailer like Amazon seems like a safe bet, but that isn't always the case. A hardware reviewer just bought an AMD Ryzen 7 9800X3D CPU on Amazon only to find out that it was fake. The box looked convincing enough, but the hardware found inside had nothing to do with the beastly CPU you'd expect to find. The worst part? I found fake listings on Amazon right now for that same CPU.

Crmaris from HWBusters is the unlucky shopper. He needed an extra Ryzen 7 9800X3D CPU for testing purposes, so he ordered one from Amazon Germany. The reviewer claims that the CPU was sold directly by Amazon and was brand new, which should imply that it'd arrive in good condition.

Read more
If you’re considering a Sky Blue MacBook Air, you might want to act quickly
M4 MacBook Air

Apple has announced two iPad models, the Mac Studio, and the MacBook Air so far this year, and out of all of these products, the Sky Blue MacBook Air is expected to sell the most. Bloomberg's Mark Gurman says Apple is expecting high demand for all the latest devices but the new color option for the budget MacBook is expected to be particularly hot.

https://x.com/markgurman/status/1898825550028013879

Read more
Apple Vision Pro tipped for a serious upgrade at WWDC 2025
Alan Truly enjoys the Apple Vision Pro's look and pinch user interface.

News about the Vision Pro or its future successors has been pretty slow lately but according to Bloomberg's Mark Gurman, Apple is planning a big release for visionOS 3.

There aren't many details at the moment, but Gurman says that Apple "can't just let the Vision Pro die out" because it has invested too much into the technology and it needs to keep the device alive and updated for the people who bought it. He says visionOS 3 will be "a pretty feature-packed release," and that we'll find out more about it at WWDC this year.

Read more