Kaspersky: Businessmen in Asian hotels have been targets of hackers for years

Kaspersky Lab researchers have uncovered details about the so-called Darkhotel spy campaign. Hackers have allegedly been stealing data from top executives from Asia and the US through Asian hotel networks for at least four years.

After gaining access to the networks of luxury Asian hotels, the hackers wait for the victims to connect to the Wi-Fi network. If that happens, the hackers will have access to the victim’s room number and last name, Kaspersky writes. The guest is then tricked into downloading and installing a backdoor, which looks like legitimate software from Adobe or Google. Once the package is downloaded, the hackers can access the guest’s systems.

For example, other programs can be downloaded remotely and all keystrokes made by the victim are also recorded. In that way, company information has probably been leaked. In addition, the hackers gained insight into the login details of the hacked persons, for example for Twitter, Facebook or Google.

The hackers try to cover all their tracks after their act and they would never target the same target twice. In addition to targeted attacks, the malware would sometimes also be distributed randomly.

The majority of the burglaries took place in Japan, according to Kaspersky’s report, but relatively many victims were also made in Taiwan, China and Russia. It is unclear who exactly belongs to the group of victims and what information was stolen. Kaspersky warns that the hackers are still active.