If you travel and stay in hotels, do not use the public Wi-Fi without protecting yourself. A highly sophisticated hacker ring is targeting hotel guests who use Wi-Fi to remotely take over your digital devices and spy on you.
This is a multi-pronged, complex attack that involves email phishing, social engineering and a trojan. The hacker ring, known as DarkHotel, appears to be targeting people traveling for business, including powerful executives and political leaders.
Bonus: Keep reading for a simple tip to protect yourself when using public Wi-Fi.
The DarkHotel hacker group, which has been active for several years, is sophisticated and continually perfecting their methods. This time, they start with a phishing email campaign.
They send email messages that are specifically targeted to the people they are trying to spy on. The email is not a generic message that could apply to anyone. Instead, it addresses you by name with a phony document that looks real.
In this case, it's a Microsoft Word letter that catches victims' attention by referring to groups that are familiar to everyone, like the United Nations and Unicef. The social engineering part of the campaign is that DarkHotel tailors the message to you, so you open it.
Warning: Keep reading for a tip to protect yourself from this sophisticated hack
Photo courtesy of ZDNet
Once the DarkHotel hackers have convinced you to open the Word document, they'll start their malware attack. The malware is called Inexsmar.
They don't infect your computer at one time. Instead, it's a slow roll out that is meant to give them time to evolve their malware as your anti-malware software issues patches for it.
Here's what you must do: Do not use public Wi-Fi. This DarkHotel hack is just one of many examples of hackers exploiting the public Wi-Fi you use at coffee shops, restaurants, hotels and more.
Instead, use a Virtual Private Network (VPN). These are encrypted web browsers like Speedify that hide your location and your device's IP address. Hackers cannot find you.