“Russian computer hacker group tried European hotel guests to spy’
The Russian hackergroep Fancy Bear, which is also known as APT28, tried in July guests of European hotels spy on you.
Reports that security firm FireEye Friday in a blog post. The computer hacker group infected in July, the networks of at least seven hotels in Europe and one in the Middle-East.
It would go to hotels where, for example, officials at a diplomatic trip to stay. That sets Ben Read, a researcher at FireEye, compared to the Motherboard. The hotels would belong to international chains, but Read wanted the names of the locations are not disclosed.
In the attack to send the criminals a document that resembles a form for the employees of a hotel to the target. In that document there is a program processed that malware on the victim’s computer, to install. Anton Cherepanov, beveiligingsonderzoeker at ESET, says, compared to the Motherboard that only Fancy Bear the malware in the documents sent.
The hack exploited the so-called Eternalblue-vulnerability in Windows. The American intelligence service NSA found the flaw; the existence of a way to have the leak from outside came in april this year to the outside after the NSA itself was hacked.
Also in the WannaCry and Petya attacks, was used to the same leak. However, it would be the first time that Fancy Bear a lek used by the mysterious computer hacker group Shadow Brokers is leaked.
The hackers then try with a program called Responder passwords and usernames of victims to steal it. That program acts as a device on the local network, so that computers connect to it. Then the information from the computer handles.
A user connects to a wi-fi network, passwords will be stolen. They don’t first typed by the victim.
FireEye has no evidence that the passengers during the attack successfully hacked.