Hackers are beginning to distribute malware aimed at users accessing free Wifi networks in luxury hotel and the globe.
According to ZDNet, the hacker group DarkHotel, which has been operating for more than 10 years, is starting to show signs of coming back with new malware. The goal of the group is to customers at luxury hotels, usually politicians, CEOs or senior corporate officials.
The attack is conducted in phases. First, Wifi network is compromised by exploiting a server software vulnerability or direct access to the hotel infrastructure. When it is done, the hacker will use a series of phishing scams or social engineering to infiltrate the target computers.
The new malware is known as Inexsmar, and like many other phishing programs, the attack will be started with email. Email is designed specifically for the purpose of attracting and persuading the victim, thus this is not a typical phishing attack.
Bitdefender Bogdan Botezatu, security expert said that the social engineering approach involves a highly-targeted phishing email targeted to one by one. This email comes with a compressed file and self -extracting before downloading the trojan. This activity is not performed immediately but will be downloaded step by step to avoid being detected by the victim. A word file can be opened on the computer to deceive the user from seeing what is happening on the computer.
Botezatu added that multi-phased malware is considered an evolutionary step, allowing hackers to avoid detection when performing attacks.
With the complexity of the attack, research experts have not put aside the possibility that DarkHotel is a hacking group sponsored by government agencies.