We Optimized Your Assets
Dark Hotel Hotel

DarkHotel – Hacks Target Business Travelers Report

November 17th, 2014 by

banner dark hotel

DarkHotel: a spy campaign in luxury Asian hotels 

Cyberespionage is the weapon of choice in the 21st century. Even a seemingly harmless mobile app is able to find out quite a few secrets that a careless user might reveal, let alone full-scale surveillance campaigns specifically targeted at representatives of major businesses and government organizations. This autumn’s newest revelation is Kaspersky Lab’s discovery of a spy network, dubbed ‘Darkhotel’, which had been active for seven years in a number of Asian hotels. Furthermore, smart and professional spies involved in this long-running operation created a comprehensive toolkit consisting of various methods that can be used to break into victims’ computers.

10390042_976442265703370_6987426406581770170_n

How does it works?

The main method of infiltration into the victim’s PC was through Wi-Fi networks in a number of luxury Asian hotels. Cybercriminals used zero-day exploits in Adobe Flash and other popular products by renowned vendors. Such vulnerabilities are not easy to find, which proves the fact that either rich sponsors, who can afford to purchase quite an expensive cyber weapon, were behind the operation, or the high level of professionalism of the agents that were involved in the campaign. Likely both.

image body - darkhotel

Most Vulnerable Target :

  • C-level victims: CEOs, Senior Vice Presidents, Sales and Marketing Directors and top R&D staff
  • The gang use both targeted attacks and botnet-style operations. They compromise hotel networks, then stage attacks from those networks on selected high profile victims.

How do I reduce my exposure to such attacks?

  • Update all third party software before you go on your trip.
  • Use a strong anti-malware product, best practices
  • Use a separate ‘travel’ computer or, alternatively, use a dedicated virtual computer while you’re travelling.
  • Use a VPN while traveling.
  • Use two-factor authentication for e-mail and other confidential services.
  • Use strong, unique passwords for each resource you access.
  • Use separate e-mail, Skype and IM accounts while travelling.

For further information, please kindly contact :

MarketingO@optima-online.com  |  Phone : +62 21 580 6203