Business executives traveling in Asia and elsewhere have become victims of malware called Darkhotel, a bug that targets guests of high-end hotels through their networks, a computer-security firm said.
The bug invades personal devices after tricking users into downloading a fake software update through the invaded hotel’s Wi-Fi or physical network, according to a report from Moscow- based Kaspersky Lab Inc. Darkhotel steals private information such as saved passwords and downloads other more advanced hacking tools, the company said.
More than 90 percent of the malware attacks, first spotted in 2009, have occurred in Asia and Russia, according to the report. Attackers seemed to know the exact times of arrival and departure for their targets, including corporate executives and entrepreneurs, and then waited for these victims to arrive at their hotels and connect to the Web, Kaspersky Lab said.
“I do see this as a continuing threat — there’s a good chance they will modify the malware with a new set of tools,” said Kurt Baumgartner, principal security researcher at Kaspersky Lab. “I hope executives can become more aware of traveling and online communications.”
Baumgartner said the attackers are “well-resourced,” though he declined to name the hotels and executives that were targeted by the hackers.
“These attacks are selectively distributed to targeted high-importance individuals,” said Tyler Shields, an analyst at Forrester Research Inc. “There’s no direct way to monetize this, but it feels like a way a blanket attack to later compromise enterprises.”