print   email   Share

Business Travelers Beware: Wi-Fi Hackers Targeting Hotels With Sophisticated Malware

DarkHotel, a hacking group that has been active for more than a decade, continues to target business travelers using Wi-Fi at luxury hotels around the world.

Cybersecurity experts believe the hackers exploit vulnerabilities in the software of hotels' servers to infect Wi-Fi users' devices with the new malware called Inexsmar. After a user's computer or mobile device is infected with the malware, DarkHotel individually designs a phishing email crafted for that specific user. The criminals use social engineering tricks to make the email look "convincing and interesting to the target." Cybersecurity experts believe the campaign may target political and governmental figures.

Once the self­-extracting archive package contained in the email is executed, it opens a decoy Word document and begins downloading the trojan. To avoid detection, the malware downloads in stages and hides malicious code in genuine code. Because the malware is so complex, some cybersecurity experts believe DarkHotel could be state-sponsored. "Hackers are Attacking Wi­Fi of Hotel with a Particular Evil Malware," (Jul. 27, 2017).


Wi-Fi at hotels is vulnerable. What makes this scam so dangerous is that you don’t have to open attachment or link from unsolicited or suspicious email…you simply have to access the Wi-Fi network promoted by the hotel.

The phishing scam related to the Wi-Fi malware is also sophisticated. Instead of mass blasts, the email is targeted toward you, most likely because the uploaded malware monitors your online habits.

The best practice is to avoid public Wi-Fi altogether, and use a cellular hot spot or your mobile phone to access the Internet that is password protected.

As the above referenced piece highlights, phishing is becoming more effective. As a result, it is even more important to use caution with every email you receive.

Some common types of phishing emails to watch out for include the following:

  1. Help Desk or Email Account Deactivation Scams: Email will claim that an account needs to be verified by clicking on a link.
  2. Banking Scams: Email allegedly from a banking institution will ask you to send certain personal information.
  3. Advance Fee Fraud (or 419) Scams: Email will state the recipient can claim a large sum of money if he or she sends information such as a bank account number.
  4. Fake Job and Money Mule Scams: Email will promise the recipient a job if he or she sends personal information or sets up a new bank account to transfer money for the organization.
  5. Email Attachments: Phishers may also include email attachments that contain malicious code that steals information from your computer or device after you open it.
  6. Fake Pharmaceuticals: Email offers pharmaceuticals at a very low price in an attempt to get your credit card information.

Do not respond to an email if it contains any of the following language, as it is likely a phishing scam: “We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity;” “During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information;” or “Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”

Finally, your opinion is important to us. Please complete the opinion survey:

Keep me signed in

Forgot password?