Beware of hotel Wi-Fi — Russian hackers are stealing information from it

By Lulu Chang August 12, 2017

russia hotel wi fi hack hacking hacker lifestyle pc keyboard — pwstudio/123RF

Hotel guests already have enough anxiety-inducing fodder to make their stays a bit less than desirable. From the odd stain on the carpet to the questionable bedspread to the toilet that just won’t stop flushing (or won’t flush at all), there are plenty of reasons to think twice about even the nicest of temporary residences. And now, there’s one more.

As per a new report from security firm FireEye, a Russian hacker group called APT28, or Fancy Bear, has been targeting hotel Wi-Fi networks to spy on guests. And in recent months, the group has reportedly begun to use a leaked NSA hacking tool to make their attacks more sophisticated still.

Recommended Videos

“FireEye has moderate confidence that a campaign targeting the hospitality sector is attributed to Russian actor APT28,” the firm wrote. “We believe this activity, which dates back to at least July 2017, was intended to target travelers to hotels throughout Europe and the Middle East.”

Perhaps most alarming is the discovery that once hackers succeeded in tapping into hotel Wi-Fi, they managed to take guests’ usernames and passwords completely passively. In fact, guests didn’t even have to type in their sensitive data to have it stolen.

“It’s definitely a new technique,” Ben Read, the leader of FireEye’s espionage research team told Wired. “It’s a much more passive way to collect on people. You can just sit there and intercept stuff from the Wi-Fi traffic.”

FireEye believes that the hackers managed to infiltrate hotel networks via phishing emails that contained infected attachments and malicious Microsoft Word macros. Once they were in a hotel Wi-Fi network, they would then launch NSA hacking tool EternalBlue, which was leaked earlier in 2017. This tool allowed them to spread their control throughout the network, finally reaching servers responsible for the corporate and guest Wi-Fi networks.

Finally, APT28 is said to have used a network-hacking tool known as Responder, which gave them access to user credentials.

And if you think you can avoid these sorts of attacks by staying at nicer hotels, think again. “These were not super expensive places, but also not the Holiday Inn,” FireEye’s Read said. “They’re the type of hotel a distinguished visitor would stay in when they’re on corporate travel or diplomatic business.”

So what can you do to protect yourself? FireEye recommends bringing your own wireless hot spot to steer clear of hotel Wi-Fi altogether. Just another thing you’ll have to remember to pack for your next trip.

Topics

Former Digital Trends Contributor

Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…

Computing

Nvidia RTX 50-series GPUs: everything we know so far

RTX 4070 seen from the side.

Nvidia already makes some of the best graphics cards, but it's also not resting on its laurels. The RTX 40-series, which has been bolstered by a refresh, is now almost two years old, and Nvidia is hard at work on the next generation of GPUs.

The release date of RTX 50-series GPUs is still at least a couple of months away, but various rumors and leaks give us a better idea of what to expect. Here's everything we know about Nvidia's upcoming generation of graphics cards.
RTX 50-series: pricing and release date

Computing

Google Gemini arrives on iPhone as a native app

the Google extensions feature on iPhone

Google announced Thursday that it has released a new native Gemini app for iOS that will give iPhone users free, direct access to the chatbot without the need for a mobile web browser.

The Gemini mobile app has been available for Android since February, when the platform transitioned from the older Bard branding. However, iOS users could only access the AI on their phones through either the mobile Google app or via a web browser. This new app provides a more streamlined means of chatting with the bot as well as a host of new (to iOS) features.

Computing

The M4 Max somehow holds its own against the RTX 4080 Super

Someone using a MacBook Pro at a desk.

Although the M4 MacBook Pro has been out since last week, we're still learning just how capable its most high-end M4 Max chip performs. A new series of tests pit the M4 Max against Nvidia GPUs to see which can render Blender projects faster. In an interesting twist, the M4 Max MacBook Pro wipes the floor with the Nvidia RTX 3080 -- and even comes close to matching the RTX 4080 Super.

The impressive data comes from Robbie Tilton, who does Blender tutorials on YouTube and has now tested the M4 Max and the other Apple chips in Blender against the two generations of Nvidia graphics.