Beware of hotel Wi-Fi — Russian hackers are stealing information from it

By Lulu Chang August 12, 2017

russia hotel wi fi hack hacking hacker lifestyle pc keyboard — pwstudio/123RF

Hotel guests already have enough anxiety-inducing fodder to make their stays a bit less than desirable. From the odd stain on the carpet to the questionable bedspread to the toilet that just won’t stop flushing (or won’t flush at all), there are plenty of reasons to think twice about even the nicest of temporary residences. And now, there’s one more.

As per a new report from security firm FireEye, a Russian hacker group called APT28, or Fancy Bear, has been targeting hotel Wi-Fi networks to spy on guests. And in recent months, the group has reportedly begun to use a leaked NSA hacking tool to make their attacks more sophisticated still.

Related Videos

“FireEye has moderate confidence that a campaign targeting the hospitality sector is attributed to Russian actor APT28,” the firm wrote. “We believe this activity, which dates back to at least July 2017, was intended to target travelers to hotels throughout Europe and the Middle East.”

Perhaps most alarming is the discovery that once hackers succeeded in tapping into hotel Wi-Fi, they managed to take guests’ usernames and passwords completely passively. In fact, guests didn’t even have to type in their sensitive data to have it stolen.

“It’s definitely a new technique,” Ben Read, the leader of FireEye’s espionage research team told Wired. “It’s a much more passive way to collect on people. You can just sit there and intercept stuff from the Wi-Fi traffic.”

FireEye believes that the hackers managed to infiltrate hotel networks via phishing emails that contained infected attachments and malicious Microsoft Word macros. Once they were in a hotel Wi-Fi network, they would then launch NSA hacking tool EternalBlue, which was leaked earlier in 2017. This tool allowed them to spread their control throughout the network, finally reaching servers responsible for the corporate and guest Wi-Fi networks.

Finally, APT28 is said to have used a network-hacking tool known as Responder, which gave them access to user credentials.

And if you think you can avoid these sorts of attacks by staying at nicer hotels, think again. “These were not super expensive places, but also not the Holiday Inn,” FireEye’s Read said. “They’re the type of hotel a distinguished visitor would stay in when they’re on corporate travel or diplomatic business.”

So what can you do to protect yourself? FireEye recommends bringing your own wireless hot spot to steer clear of hotel Wi-Fi altogether. Just another thing you’ll have to remember to pack for your next trip.

Editors' Recommendations

Topics

Computing

This is how you can accidentally kill AMD’s best CPU for gaming

Someone holding the Ryzen 7 5800X3D in a red light.

It turns out that one of AMD's best gaming CPUs, the Ryzen 7 5800X3D, can accidentally be killed if you try to overclock it, and it's all because there are no limitations as to how far you can push the processor.

Igor Wallossek of Igor's Lab found that the software used for overclocking and overvolting Ryzen CPUs currently doesn't impose any limits when you try to ramp up the voltage. And that's a recipe for turning a fun performance boost into an overclocking nightmare.

Computing

This ChatGPT alternative is free, open source, and available now

A ColossalChat poem about ChatGPT appears on a MacBook screen.

The first open-source AI chatbot in the vein of ChatGPT has arrived, and it's come at a particularly helpful time. ColossalChat is a powerful alternative that uses an RHLF pipeline similar to OpenAI's GPT-4 model that powers ChatGPT, and it's available for immediate use.

ChatGPT, of course, remains the premier AI chatbot and keeps plenty busy. But I just tried to log in now and found it was at capacity and, therefore, unavailable. This is a common problem with the service. ColossalChat, on the other hand, is wide open and ready to use for free.

Computing

Samsung’s 49-inch QLED gaming monitor is heavily discounted

Front view of Samsung's new QLED Odyssey gaming monitor sitting on desk.

Gaming monitors, that is those tailored specifically for high performance and lots of onscreen action, can be pretty expensive. Even if you're browsing some of the best gaming monitor deals, you'll notice right away that the bigger the display, the higher the cost -- not unlike so many TV deals out there. That's why it's always worth calling out individual deals when they're good, like this next one on Samsung's massive 49-inch Odyssey Quantum LED curved gaming monitor. There's a lot to unpack here, which we'll get to, but for now, just know that Samsung is offering a hefty discount of $600, bringing the standard price of $2,300, down to $1,700. Wowzers. Grab that deal below or keep reading to learn more about the monitor.

A monitor this size -- and we hope you have a desk big enough too -- wraps around you to give you an immersive experience like no other. You're truly surrounded by the display, and everything happening onscreen. Samsung's 49-inch Quantum Mini LED display supports a 240Hz refresh rate and a lightning-fast 1ms response time, plus it's compatible with both Nvidia's G-Sync and AMD's FreeSync technologies. If you want to see how it stacks up against the OLED model, you can check out our comparison: Samsung Odyssey OLED 49 vs. Odyssey Neo G9 (2023).