Security researchers at FireEye have discovered that in July 2017, Wi-Fi networks in a number of hotels in at least seven European countries and in some countries in the Middle East were infected by malicious software. The espionage-type software has been designed to collect user names and passwords for any services, including banking or work-related services hotel guests might be using over the hotel Wi-Fi.
First, hackers have to get the malicious software inside the hotel network. It is done by sending a fake booking form to the hotel via email. When a receptionist opens the form, a virus embedded in the document jumps into the hotel network.
Second, the piece of software inside the hotel controlled by hackers installs the actual espionage software that monitors hotel’s Wi-Fi traffic. It looks for user names and passwords. Once it discovers them, it can save them and later login to the service.
The researchers believe the Gamefish spyware is primarily targeted at governmental officers and other people who have access to classified information systems and documents. Since these travelers stay in the same hotels as other travelers,everyone who happens to be using the hotel Wi-Fi that has been hacked may reveal sensitive data to hackers.
How to protect yourself from being hacked at your hotel’s network? There is only one solution that is guaranteed to protect you: do not connect to the hotel Wi-Fi at all. If you are overseas, get a local prepaid SIM card with a data plan, and use it for connecting to the Internet. If you already have a SIM card data plan from an EU country, and you are traveling in another EU country, the regulation has recently changed so that you can connect to the Internet and pay your home country charges only. Users of VPN services are safe as well.
FireEye researchers warn: “Travelers must be aware of the threats posed when traveling – especially to foreign countries – and take extra precautions to secure their systems and data. Publicly accessible Wi-Fi networks present a significant threat and should be avoided whenever possible.”