An espionage campaign known as 'Darkhotel' has been stealing sensitive data from travelling executives via hotel Wi-Fi networks for the past four years - and is still active today - it has emerged.
The Darkhotel campaign, which comprises both targeted attacks and botnet-style operations, specifically targets top executives staying in luxury hotels while on business trips, said cyber security company Kaspersky Lab. Once connected to a hotel's Wi-Fi network, the attacker tricks the user into downloading a piece of malware masquerading as legitimate software onto their computer, infecting the device with the 'Darkhotel' spying software.
The software then hunts for the victim's cached passwords, login credentials and steals keystrokes entered on the device, with the aim of accessing the intellectual property of the business entities the user represents.
The most recent travelling targets include chief executives, senior vice presidents, sales and marketing directors and top research and development staff doing business and investing in the Asia-Pacific region, according to Kaspersky.
The attackers never go after the same target twice; they perform operations with surgical precision, getting all the valuable data they can from the first contact, deleting traces of their work and melting into the background to await the next high profile individual.
Kaspersky advises using a Virtual Private Network (VPN) provider where possible, always regarding software updates as suspicious, and proactive defences against new threats.