Linked – Hackers are now using the exploit behind WannaCry to snoop on hotel Wi-Fi
Gotta be careful with that hotel wifi. Wouldn’t want hackers to target you and figure out what sites you’re surfing from your hotel room. 😉
“Messages contain a malicious document “Hotel_Reservation_From.doc” containing a macro which if successfully executed, decodes and deploys GameFish — which researchers describe as APT28’s signature malware.
Once GameFish is installed on the network, it uses EternalBlue to worm its way through the network and find computers responsible for controlling both guest and internal Wi-Fi networks. Once in control of these machines, the malware deploys an open source Responder tool, allowing it to steal any credentials sent over the wireless network.
While the attack is carried out against the network as whole, FireEye suggests that “hotel guests of interest could be directly targeted as well” — government and business personnel have previously been of interest to APT28.”
