Sections

Security & Fraud

APT 28 Is Reportedly Behind European Hotel Wi-Fi Attack

By PYMNTS

Posted on August 14, 2017

APT 28, a cyber spying group that is suspected to be connected to military intelligence in Russia, was likely behind a cyberattack of hotel guests in countries mainly in Europe in July.

Researchers at FireEye, the security firm, said in a research report covered by Reuters that the Kremlin hackers were aiming to steal the password credentials for business travelers and Western government officials using Wi-Fi networks in hotels mainly in eight countries in Europe. Some of the attacks also targeted travelers staying in one hotel in the Middle East, FireEye said, according to a news report by Reuters.

FireEye said in July it discovered spear phishing emails that were designed to get hotel employees to download a hotel reservation document that was infected and would install GAMEFISH malware remotely from the internet via a website that is known to be operated by APT 28.

According to Reuters, the claim by FireEye is just the latest allegation that the Kremlin is taking part in hacking activities around the globe, targeting businesses, governments and elections, such as Hillary Clinton’s in the U.S. in 2016. Reuters noted governments and security firms have already connected APT 28 with GRU, which is the military intelligence directorate in Russia. Other researchers found similar patterns but stopped short of saying there was a connection. The government in Russia denied the cybersecurity breach allegations.

Benjamin Read, manager of cyber espionage analysis for U.S.-based FireEye, said the technical exploits and the chain of command used in the hotel Wi-Fi attacks lead to APT 28, which the cybersecurity firm has been tracking since 2014.

“We are moderately confident in our assessment,” Read told Reuters, saying this was because the technical inquiry was still in its early days. “We just don’t have the smoking gun yet.” While the latest hack was prevented from happening, the report noted that in the fall of last year, hackers targeted European hotels and were able to get into the computer of a government employee in the U.S.

——————————

WATCH LIVE: MONDAY, JANUARY 18, 2021 AT 12:00 PM (EST)

About: From the online betting sector where one’s physical location at the time of wager is a matter of state law, to banks complying with stringent international Know Your Customer (KYC) regulations, geolocation services are proving a powerful weapon against fraudsters. Curiously, however, new PYMNTS research shows that consumers are more willing to share location data with food-ordering apps than with their own bank’s mobile app. Be part of the discussion as PYMNTS CEO Karen Webster and experts from the geo-data sector talk about the revolution in geolocation data usage, and why banks must take part.

Related Items:APT 28, Cybersecurity, European hotels, FireEye, Hackers, hotels, Kremlin, News, Russia, What's Hot, Wi-Fi

Click to comment

TRENDING RIGHT NOW