Skip to main content

Beware of hotel Wi-Fi — Russian hackers are stealing information from it

Hotel guests already have enough anxiety-inducing fodder to make their stays a bit less than desirable. From the odd stain on the carpet to the questionable bedspread to the toilet that just won’t stop flushing (or won’t flush at all), there are plenty of reasons to think twice about even the nicest of temporary residences. And now, there’s one more.

As per a new report from security firm FireEye, a Russian hacker group called APT28, or Fancy Bear, has been targeting hotel Wi-Fi networks to spy on guests. And in recent months, the group has reportedly begun to use a leaked NSA hacking tool to make their attacks more sophisticated still.

Recommended Videos

“FireEye has moderate confidence that a campaign targeting the hospitality sector is attributed to Russian actor APT28,” the firm wrote. “We believe this activity, which dates back to at least July 2017, was intended to target travelers to hotels throughout Europe and the Middle East.”

Perhaps most alarming is the discovery that once hackers succeeded in tapping into hotel Wi-Fi, they managed to take guests’ usernames and passwords completely passively. In fact, guests didn’t even have to type in their sensitive data to have it stolen.

“It’s definitely a new technique,” Ben Read, the leader of FireEye’s espionage research team told Wired. “It’s a much more passive way to collect on people. You can just sit there and intercept stuff from the Wi-Fi traffic.”

FireEye believes that the hackers managed to infiltrate hotel networks via phishing emails that contained infected attachments and malicious Microsoft Word macros. Once they were in a hotel Wi-Fi network, they would then launch NSA hacking tool EternalBlue, which was leaked earlier in 2017. This tool allowed them to spread their control throughout the network, finally reaching servers responsible for the corporate and guest Wi-Fi networks.

Finally, APT28 is said to have used a network-hacking tool known as Responder, which gave them access to user credentials.

And if you think you can avoid these sorts of attacks by staying at nicer hotels, think again. “These were not super expensive places, but also not the Holiday Inn,” FireEye’s Read said. “They’re the type of hotel a distinguished visitor would stay in when they’re on corporate travel or diplomatic business.”

So what can you do to protect yourself? FireEye recommends bringing your own wireless hot spot to steer clear of hotel Wi-Fi altogether. Just another thing you’ll have to remember to pack for your next trip.

Lulu Chang
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
This Lenovo all-in-one computer is 30% off even though Prime Day has ended
The Lenovo V100 All-in-One Desktop Computer on a white background.

Even though Prime Day is already finished, there are still some excellent desktop computer deals on Amazon. If you don't have much space, or you just want to avoid clutter, you should take a look at the Lenovo V100 All-in-One PC. From its original price of $800, it's all the way down to just $560 following a 30% discount. The offer for this machine will only be available for a limited time though, so you need to act fast and proceed with the transaction immediately to secure the savings of $240.

Buy Now

Read more
The new Reachy Mini robot can let kids turn play into innovation
The Reachy Mini robot.

The Reachy Mini is an exciting new desktop robot aimed primarily at developers, educators, students, and enthusiasts, or basically anyone interested in creative coding.

There are actually two of them -- Reachy Mini Lite ($299) and Reachy Mini Wireless ($449) -- and both were developed by the prominent AI platform Hugging Face following its recent acquisition of Pollen Robotics. 

Read more
If you’re itching for an HP OMEN MAX gaming laptop, this deal will save you $500
The HP Omen Max gaming laptop with Valorant on the screen.

We've recently published a stunningly positive review of the HP OMEN Max 16. It's got a list of "Pros" a mile long. The single, obligatory con is "Thick and heavy." Considering that it's a gaming laptop, that's practically the equivalent of saying a flashlight is too bright to look at. Thick, and a bit heavy, just comes with the territory. All of this is to say that the review was great and we're fans of the HP OMEN Max 16. As a deal hunter it made me want to go and see if I could find a deal on the HP OMEN Max 16 and I did, sort of. Right now you can get a customizable HP OMEN Max 16t — a laptop that, if it didn't have a separate store page, I would think is identical to the one we reviewed — with a $500 discount, no matter what settings you choose. With the base settings of the laptop, that discount brings it from $2,100 to just $1,600, but you're free to upgrade to your heart's content. Tap the button below to start customizing to your whimsy or keep reading for some advice on how to do so and what to expect from the 16t.

Buy Now

Read more