Skip to main content
close search
site logo
Dive Brief

Russian group's new phishing scheme targets hotel Wi-Fi

Published Aug. 14, 2017
By
Contributing Editor
CC0 Public Domain Free for commercial use No attribution required Pixabay

Dive Brief:

  • Russian-based hacking organization APT28 is believed to be behind a new campaign targeting the hospitality sector, specifically travelers to hotels in Europe and the Middle East, according to cybersecurity company FireEye.

  • FireEye said it uncovered a malicious document sent in spear phishing emails to multiple companies in the hospitality industry. Successful execution of the macro within the malicious document results in the installation of APT28’s signature GAMEFISH malware.

  • The incident has a unique spin – APT28 is "leveraging less secure hotel Wi-Fi networks to steal credentials and a NetBIOS Name Service poisoning utility to escalate privileges," reports FireEye. Upon gaining access to the machines connected to corporate and guest Wi-Fi networks, the group can eventually compromise credentials, FireEye explained.

Dive Insight:

Hotels are an easy target for hackers because they tend to lack advanced security measures and hold huge amounts of personal data and credit card information.

Add to that the fact that groups like APT28 spend untold amounts of time and money figuring out how to outsmart the best cybersecurity systems, and you have a dangerous combination. In July, Trump International Hotels Management confirmed it was the victim of the third data breach involving the hotel chain since May 2015.

Companies that employ workers that travel frequently may want to warn those employees against the use of public Wi-Fi networks while traveling. Cyber criminals that breach employee accounts could conceivably find their way into the corporate network as well. Experts suggest people avoid using public Wi-Fi without a VPN when possible, and especially avoid using it to share sensitive data.  

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
Graphiant’s Blakely Purtill Honored as a CRN® Channel Chief
From Graphiant
February 03, 2025
Newgen Recognized as a ‘Leader’ in IDC MarketScape Reports for its Intelligent CCM and Automat…
From Newgen
January 29, 2025
YMX Logistics Acquires Leading Yard Management System (YMS)
From YMX Logistics
January 21, 2025
Midmo.ai Comes out of Stealth Mode with Connective Tissue for Traceability Solutions
From Midmo Inc
January 24, 2025
Editors' picks
Latest in Security
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.