Russian Hackers Target Hotels Using WannaCry Exploit

A notorious group of Russian hackers are targeting hotel guests in Europe and the Center E.

Researchers at security house FireEye on Friday warned that hacking group APT28 is using a tool known to sniff user passwords from Wi-Fi traffic. They admission hotel networks via spear phishing emails with attachments that might seem legitimate at first glance (Hotel_Reservation_Form.medico). But "successful execution of the macro inside the malicious document results in the installation of APT28's signature Gamefish malware," FireEye says.

The malicious emails, which date dorsum to at least July, have been sent to hotels in "at least seven European countries and one Middle Eastern land," FireEye writes in a web log post. APT28 (aka Fancy Carry) is linked to the Russian government and US election hacks.

The malware is spread via a version of the EternalBlue exploit. If that name sounds familiar, it's because it was the same 1 used in the recent WannaCry ransomware attacks. EternalBlue and other NSA hacking tools were leaked online terminal year by a group known every bit the Shadow Brokers, putting these powerful tools in the hands of anyone able to use them.

Once inside a network, the hackers seek out machines that control the hotel'southward invitee and internal Wi-Fi networks. Upon gaining access to these machines, the hackers deploy other tactics to steal usernames and hashed passwords that give them greater admission to the victim network.

"No guest credentials were observed being stolen at the compromised hotels; yet, in a split incident that occurred in Fall 2022, APT28 gained initial access to a victim's network via credentials likely stolen from a hotel Wi-Fi network," FireEye warned. In that example, the victim was compromised subsequently connecting to a hotel Wi-Fi network.

"Travelers must be enlightened of the threats posed when traveling—particularly to foreign countries—and accept extra precautions to secure their systems and data," FireEye wrote. "Publicly accessible Wi-Fi networks present a significant threat and should exist avoided whenever possible."

About Angela Moscaritolo

Angela Moscaritolo is PCMag'south skilful on fettle and smart dwelling house products. Teaching yoga for nearly 10 years has helped her in evaluating a range of connected health products including fitness trackers, middle rate monitors, rowers, smart scales, stationary bikes, strength grooming machines, treadmills, and more. Angela besides tests smart home devices from her ranch in Florida, including air purifiers, kitchen appliances, and robot vacuums, just to name a few.

Source: https://sea.pcmag.com/news/16976/russian-hackers-target-hotels-using-wannacry-exploit

Posted by: schoolcraftnark1982.blogspot.com

Share this post