Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

IC3 Warns Travelers of Malware Threat via Hotel Internet Connections

International Travelers Warned of Threats via Hotel Connections – “The Malware Hotel—You can check in, but you can’t check out!

International Travelers Warned of Threats via Hotel Connections – “The Malware Hotel—You can check in, but you can’t check out!

Frequent travelers are likely all-too-familiar with the login screens presented in order register for Internet service when staying at Hotel. When connecting to a hotel Internet connection, it’s common that Web browsers auto-launch to a specific page in order to enable a hotel guest to self-register for service, even when it’s offered free of charge.

IC3 Alert for Hotel Internet ConnectionsAccording to an intelligence notice issued by the Internet Crime Complaint Center (IC3) on Tuesday, recent analysis from the FBI and other government agencies has shown that some international hotels have been serving up malicious pop-ups to visiting guests as they attempt to get connected to the Internet, resulting in end users being infected with malware.

“Recently, there have been instances of travelers’ laptops being infected with malicious software while using hotel Internet connections,” the alert stated. “In these instances, the traveler was attempting to setup the hotel room Internet connection and was presented with a pop-up window notifying the user to update a widely-used software product. If the user clicked to accept and install the update, malicious software was installed on the laptop.”

The alert did not specify what countries the threat was seen, or name any specific hotel or hotel chain.

“This warning is targeted to academics and government officials traveling abroad because state-sponsored actors use the malware installed via these networks to steal intellectual property and/or government secrets,” Rob Rachwald, Director of Security Strategy at Imperva told SecurityWeek.

“There are two obvious scenarios here: either the hotel Internet system was compromised or they had an insider at the hotel who would selectively change the popup,” opined Alex Lanstein, a network/systems architect at FireEye. “I bet they compromised the login system to add the popup.”

Along with the alert, the FBI provided some advice in order to help minimize risk when connecting to the Internet via hotel networks, though the advice can apply when connecting through any public network, such as a coffee shop or airport.

• All government, private industry, and academic personnel who travel abroad should take extra caution before updating software products on their hotel Internet connection.

Advertisement. Scroll to continue reading.

• Travelers should check the author or digital certificate of any prompted update to see if it corresponds to the software vendor may reveal an attempted attack.

• Travelers should perform software updates on laptops immediately before traveling,

• If possible, download software updates directly from the software vendor’s Web site if updates are necessary while abroad.

“Some companies now have policies where employees who travel abroad travel with a disposable laptop (or they go off the grid) to ensure that no IP or secrets available on their machines are stolen,” Rachwald added.

In his words, Rachwald humorously described this scenario as “The Malware Hotel—You can check in, but you can’t check out!”

While this particular alert is focused on hotels located abroad, it’s important to keep in mind that the same scenario could easily occur in the United States or in any country.

The IC3 asks that anyone who believes they have been a target of this type of attack should immediately contact their local FBI office, and promptly report it to the IC3’s website. The IC3’s complaint database links complaints together to refer them to the appropriate law enforcement agency for case consideration.

Related: How Logging On From Starbucks Can Compromise Your Corporate Security

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

An engineer recruited by intelligence services reportedly used a water pump to deliver Stuxnet, which reportedly cost $1-2 billion to develop.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.