Cyberespionage Group Targets Execs through Hotel Networks
- By Matt Holden
- Nov 10, 2014
For the past four years a group of hackers has compromised the networks of luxury hotels to launch malware attacks against corporate executives and entrepreneurs traveling on business in the Asia-Pacific region, according to a report.
The group operates by injecting bad code into web portals used by hotel guests to log in to the local network and access the internet, usually by inputting their last name and room number. The infections are typically brief and are meant to target only specific guests by prompting them to download updates for popular software applications. The rogue software updates deploy malware implants that then download and install digitally-signed information-stealing programs.
“This group of attackers seems to know in advance when these individuals will arrive and depart from their high-end hotels,” said the Kaspersky Lab researchers in a report. After the victims check out of the hotel, the attackers disable the malicious code injected into the hotel’s network portal and hide their tracks.
Matt Holden is an Associate Content Editor for 1105 Media, Inc. He received his MFA and BA in journalism from Ball State University in Muncie, Indiana. He currently writes and edits for Occupational Health & Safety magazine, and Security Today.