The life of the well-to-do is all about exclusivity – and now they even have their own computer virus.
Hackers have been targeting CEOs and other corporate executives through the WiFi networks of luxury hotels where they stay. The goal is to gain access to sensitive corporate information that they can then exploit.
While the “Dark Hotel” computer virus isn’t new, it was recently discovered by the security company Kaspersky Lab and a third-party company that manages the WiFi network of an Asian hotel where a hacking took place.
Dark Hotel “has lurked in the shadows for at least four years while stealing sensitive data from selected corporate executives traveling abroad,” Kaspersky Lab wrote in a press release this week.
The threat, which has affected CEOs, senior vice presidents, sales and marketing directors and top research and development staff from the U.S. and Asia, is still active.
Hackers “wait until after check-in when the victim connects to the hotel WiFi network” and then submits his or her room number and surname to log in, according to the release. “The attackers see the victim in the compromised network and trick the person into downloading and installing a backdoor that pretends to be an update for legitimate software such as Google Toolbar, Adobe Flash or Windows Messenger.”
Ultimately, the virus collects data from the hacked computer, including cached passwords in Firefox, Chrome and Internet Explorer and login credentials for Twitter, Facebook, Yahoo! and Google. Victims end up losing sensitive information, which can also be the intellectual property of the businesses they represent.
Just like a perfectly orchestrated robbery you might see only in the movies, the attackers carefully delete their tools from the hotel network after the operation is completed – and go back into hiding. And the victim likely never knows it happened.
“For the past few years, a strong actor named Dark Hotel has performed a number of successful attacks against high-profile individuals, employing methods and techniques that go well beyond typical cybercriminal behavior,” Kurt Baumgartner, principal security researcher at Kaspersky Lab, commented in the release.
The company warns that travelers should always be wary of any WiFi networks, even the semi-private ones in hotels. Here are a few other steps to avoid being one of Dark Hotel’s victims:
- Obtain a personal WiFi hotspot on your smartphone or other device through your phone company.
- Choose a Virtual Private Network provider, which creates an encrypted communication channel when accessing public WiFi -- making it more secure.
- Beware of software updates, especially when traveling.
- Make sure your antivirus protection is thorough and up to date.
Top Reads from The Fiscal Times: