Skip to Content
Security & privacy

Hackers use hotel Wi-Fi to spy on guests and steal data

If you travel and stay in hotels, do not use the public Wi-Fi without protecting yourself. A highly sophisticated hacker ring is targeting hotel guests who use Wi-Fi to remotely take over your digital devices and spy on you.

This is a multi-pronged, complex attack that involves email phishing, social engineering and a trojan. The hacker ring, known as DarkHotel, appears to be targeting people traveling for business, including powerful executives and political leaders.

Bonus: Keep reading for a simple tip to protect yourself when using public Wi-Fi.

The DarkHotel hacker group, which has been active for several years, is sophisticated and continually perfecting their methods. This time, they start with a phishing email campaign.

They send email messages that are specifically targeted to the people they are trying to spy on. The email is not a generic message that could apply to anyone. Instead, it addresses you by name with a phony document that looks real.

In this case, it’s a Microsoft Word letter that catches victims’ attention by referring to groups that are familiar to everyone, like the United Nations and Unicef. The social engineering part of the campaign is that DarkHotel tailors the message to you, so you open it.

Warning: Keep reading for a tip to protect yourself from this sophisticated hack


Photo courtesy of ZDNet

Once the DarkHotel hackers have convinced you to open the Word document, they’ll start their malware attack. The malware is called Inexsmar.

They don’t infect your computer at one time. Instead, it’s a slow roll out that is meant to give them time to evolve their malware as your anti-malware software issues patches for it.

Here’s what you must do: Do not use public Wi-Fi. This DarkHotel hack is just one of many examples of hackers exploiting the public Wi-Fi you use at coffee shops, restaurants, hotels and more.

Instead, use a Virtual Private Network (VPN). These are encrypted web browsers like Speedify that hide your location and your device’s IP address. Hackers cannot find you.

More Stories You Can’t Miss:

5 smartphone spy apps that could be listening and watching you right now

Critical steps to secure your home Wi-Fi

Millions duped by fake video spreading on Facebook

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days