Hackers Use NSA Tools to Spy on Hotel Guest Wi-Fi and Steal Their Details
The NSA’s leaked hacking tools are the gift that keeps on giving—for crooks at least. Security researchers at FireEye report that the Russian hacking collective known as Fancy Bear has been using the same Eternal Blue exploit that enabled the recent WannaCry and NotPetya ransomware attacks to compromise Wi-Fi networks in hotels. It's enabled them to harvest usernames and passwords from computers of travelers, without their knowledge.
FireEye believes that the hackers first penetrate the hotels' networks using a phishing attack, which relies on employees opening malicious files sent via e-mail, to gain access to a computer. Then, the EternalBlue exploit allows them to spread control to other devices and gain access to the ones that control the hotel’s Wi-Fi networks. The security firm has seen the hack hit hotels in seven European capitals and one in the Middle East.
Once they're up and running on Wi-Fi servers, the hackers are apparently able to monitor network traffic and fool devices into giving up usernames and passwords. FireEye’s Ben Read tells Wired that this is a “a new technique," which is “a much more passive way to collect [data] on people. You can just sit there and intercept stuff from the Wi-Fi traffic.”
If you thought that you could trust hotel Wi-Fi, now might be a good moment to reevaluate.
Deep Dive
Uncategorized
Our best illustrations of 2022
Our artists’ thought-provoking, playful creations bring our stories to life, often saying more with an image than words ever could.
How CRISPR is making farmed animals bigger, stronger, and healthier
These gene-edited fish, pigs, and other animals could soon be on the menu.
The Download: the Saudi sci-fi megacity, and sleeping babies’ brains
10 Breakthrough Technologies 2023
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.