The NSA’s leaked hacking tools are the gift that keeps on giving—for crooks at least. Security researchers at FireEye report that the Russian hacking collective known as Fancy Bear has been using the same Eternal Blue exploit that enabled the recent WannaCry and NotPetya ransomware attacks to compromise Wi-Fi networks in hotels. It's enabled them to harvest usernames and passwords from computers of travelers, without their knowledge.
FireEye believes that the hackers first penetrate the hotels' networks using a phishing attack, which relies on employees opening malicious files sent via e-mail, to gain access to a computer. Then, the EternalBlue exploit allows them to spread control to other devices and gain access to the ones that control the hotel’s Wi-Fi networks. The security firm has seen the hack hit hotels in seven European capitals and one in the Middle East.
Once they're up and running on Wi-Fi servers, the hackers are apparently able to monitor network traffic and fool devices into giving up usernames and passwords. FireEye’s Ben Read tells Wired that this is a “a new technique," which is “a much more passive way to collect [data] on people. You can just sit there and intercept stuff from the Wi-Fi traffic.”
If you thought that you could trust hotel Wi-Fi, now might be a good moment to reevaluate.
Embracing CX in the metaverse
More than just meeting customers where they are, the metaverse offers opportunities to transform customer experience.
Identity protection is key to metaverse innovation
As immersive experiences in the metaverse become more sophisticated, so does the threat landscape.
The modern enterprise imaging and data value chain
For both patients and providers, intelligent, interoperable, and open workflow solutions will make all the difference.
Scientists have created synthetic mouse embryos with developed brains
The stem-cell-derived embryos could shed new light on the earliest stages of human pregnancy.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.