Stories
Slash Boxes
Comments

SoylentNews is people

Use Caution When Using Hotel Business Center PCs

posted by n1 on Tuesday July 15 2014, @09:25PM   Printer-friendly
from the security-was-always-an-illusion dept.

AnonTechie writes:

Ars Technica reports:

The US Secret Service is warning hotel operators to be on the lookout for malware that steals passwords and other sensitive data from guests using PCs in business centers, according to a published report.

The non-public advisory was issued on last Thursday, KrebsOnSecurity reporter Brian Krebs reported Monday. Krebs said the notice warned that authorities recently arrested suspects who infected computers at several major hotel business centers around Dallas. In that case, crooks using stolen credit card data to register as hotel guests used business center computers to access Gmail accounts. From there, they downloaded and installed keylogging software. The malware then surreptitiously captured login credentials for banking and other online services accessed by guests who later used the compromised PCs.

The report is a poignant reminder why it's rarely a good idea to use public PCs for anything more than casual browsing of websites. Even when PCs are within eyesight of a business center employee, librarian, or other supervisor, and even when it is locked down with limited "guest" privileges, there are usually a host of ways attackers can compromise machines running either Windows or Mac OS X.

 
This discussion has been archived. No new comments can be posted.
Use Caution When Using Hotel Business Center PCs | Log In/Create an Account | Top | 20 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by Kilo110 on Tuesday July 15 2014, @10:11PM

    by Kilo110 (2853) on Tuesday July 15 2014, @10:11PM (#69466)

    Well I'm picturing a hypervisor that loads a windows vm that discards changes to the hdd image. I know vmware has that ability, I'm sure others do as well.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by frojack on Wednesday July 16 2014, @06:27AM

    by frojack (1554) Subscriber Badge on Wednesday July 16 2014, @06:27AM (#69633) Journal

    Yes, I understand the principal.
    But that shady character working at the front desk plugged a little shim device into the keyboard slot, and then plugged the keyboard into that, and its recording everything you type. Logins, passwords, account numbers, etc.

    --
    No, you are mistaken. I've always had this sig.

    • (Score: 2) by maxwell demon on Wednesday July 16 2014, @06:38AM

      by maxwell demon (1608) Subscriber Badge on Wednesday July 16 2014, @06:38AM (#69636) Journal

      Are there still computers where the keyboard is an integrated part (like those old home computers)? That would at least make it impossible to put anything in between keyboard and computer without opening the computer (which would probably not be as easy to perform without being noticed).

      On the other hand, even the most secure computer setup would not prevent a hidden camera pointed at the keyboard. Indeed, if there's a dedicated place to put your laptop on (that is a fixed table with chair and connectors which would be the place where you'd most likely put your laptop), even using your own laptop would not help against that type of attack.

      (And BTW, it's "principle", not "principal".)

      --
      The Tao of math: The numbers you can count are not the real numbers.

    • (Score: 2) by aristarchus on Wednesday July 16 2014, @08:39AM

      by aristarchus (2645) on Wednesday July 16 2014, @08:39AM (#69669) Journal

      Yes, I understand the Principal as well. But was it not the Principle that was in question? Merci beaucoups if not.