Traveling exec's are the target of cyberespionage groups
Posted by: Timothy Weaver on 11/10/2014 11:57 AM [ Comments ]
Sophisticated hackers are compromising the networks of luxury hotels in an effort to launch malware attacks against corporate executives and entrepreneurs.
Researchers from Kaspersky Lab dubbed the cyberespionage group Darkhotel. The group operates by injecting malicious code into the Web portals used by hotel guests to log in to the local network and access the Internet.
The malware prompts the victims to download "updates" for popular software applications. Once downloaded, the malware then deploys malware implants that then download and install digitally-signed information-stealing programs.
Kaspersky Lab researchers said: “This group of attackers seems to know in advance when these individuals will arrive and depart from their high-end hotels."
Once the victim checks out of the hotel, the criminals then remove the malicious code and hide their tracks.
Kaspersky Lab researchers said: “Considering their well-resourced, advanced exploit development efforts and large, dynamic infrastructure, we expect more Darkhotel activity in the coming years."
Kaspersky has found that the cybercriminals tools include: a malware downloader; a keylogger; a Trojan program that gathers system information; an information stealer component that collects passwords stored in browsers and other sensitive data; and a file-infecting virus that spreads via USB drives and network shares.
The malware prompts the victims to download "updates" for popular software applications. Once downloaded, the malware then deploys malware implants that then download and install digitally-signed information-stealing programs.
Kaspersky Lab researchers said: “This group of attackers seems to know in advance when these individuals will arrive and depart from their high-end hotels."
Once the victim checks out of the hotel, the criminals then remove the malicious code and hide their tracks.
Kaspersky Lab researchers said: “Considering their well-resourced, advanced exploit development efforts and large, dynamic infrastructure, we expect more Darkhotel activity in the coming years."
Kaspersky has found that the cybercriminals tools include: a malware downloader; a keylogger; a Trojan program that gathers system information; an information stealer component that collects passwords stored in browsers and other sensitive data; and a file-infecting virus that spreads via USB drives and network shares.
Comments