Experts have unveiled a cyberespionage campaign that targets high-profile business executives staying in luxury hotels overseas.
Kaspersky Labs Global Research and Analysis Team discovered the campaign – which lurks on hotel networks and business centers in a number of countries – and waits for the prominent guests to connect to the hotel’s Wi-Fi believed to be secure, according to a recent blog post.
Once connected by providing their room number and surname to login, attackers trick the victims into downloading malicious software believed to be updates for legitimate ones including Google Toolbar, Adobe Flash, or Windows Messenger. After doing so victims’ machines are compromised by the DarkHotel spying software that enables attackers to upload additional malware, log keystrokes, and “hunt for cached passwords.”
After collecting sensitive or proprietary information, attackers are able to delete their malicious software from the hotel network.