There are plenty of reasons not to use hotel Wi-Fi. It’s often expensive, sluggish, and unreliable. Sometimes it seems like nobody knows the network password, and when trouble arises it’s hard to convince the front desk that there’s a problem with their network, not one with your devices.
Now you can add something new to that list: Hackers are using hotel Wi-Fi to steal data through zero-day vulnerabilities that companies like Adobe and Microsoft aren’t even aware of. ( http://blogs.wsj.com/digits/2014/11/10/cybercrime-gang-targets-execs-using-hotel-internet/?mod=ST1 )
Kaspersky Lab has appropriately dubbed the attacks the Darkhotel APT ( https://securelist.com/blog/research/66779/the-darkhotel-apt/ ). (It’s not as catchy as Heartbleed, but it’s a little more explanatory, I guess.) Darkhotel works by taking advantage of hotel Wi-Fi’s public nature and the willingness with which many people install updates to popular software like Adobe’s Flash. Hackers are said to have used the tactic to steal information from people traveling in Asia, but researchers found that the malware infected computer across North America and Europe, too.
(Score: 3, Interesting) by jackb_guppy on Tuesday November 11 2014, @05:11AM
They "know". Just like MS storing your bitlocker encryption keys in the cloud, "to help you recover them"... and the NSA. Who would you expect to put this 0-day exploits in the code in the first place?
We get the government we pay for! Microsoft and NSA making the world safer for themselves.
My hat size is colander large! Need holes for ventilation.