High-ranking professionals from a range of industries are being infected with malware when they log on to hotel Wi-Fi networks, Dubbed ‘Darkhotel’, the APT campaign targeting C-level executives and other senior officials is mostly active in Asia, where 90% of infections have occurred. Based on offensive activity dating back at least as far as 2008, Kaspersky believes infections number in the thousands.
Darkhotel works by spear-phishing targets with a Trojan that poses as legitimate software updates, such as Adobe Flash or GoogleToolbar. Once authorization of the bogus update has occurred, hackers are able to record and collect sensitive data from the connected user’s device via a backdoor.
The research suggests that individual victims are being specifically targeted by Darkhotel.