DarkHotel targeting hotel WiFi networks

Discussion in 'Travel Security' started by viguera, Nov 10, 2014.  |  Print Topic

  1. viguera
    Original Member

    viguera Gold Member

    Messages:
    4,737
    Likes Received:
    6,913
    Status Points:
    4,745
    gaijin62, Kalboz, Sammich and 2 others like this.
  2. Sammich

    Sammich Gold Member

    Messages:
    5,644
    Likes Received:
    22,439
    Status Points:
    11,025
    Not something new, unfortunately. I'm just impressed on how advanced the operation was.

    Once again, to the best of my knowledge, VPN is your best bet. I'm surprised corporate exec's don't exercise this practice yet.

    Although I haven't found the time to read the whitepaper yet for more details on the attack. Some comment in that article is saying a VPN won't help??
     
    Kalboz likes this.
  3. lapointdm

    lapointdm Silver Member

    Messages:
    367
    Likes Received:
    537
    Status Points:
    575
    Our company mandates the use of vpn. We have our own phobs for it and everything... Though why on earth they picked pink is beyond me... We aren't the hello kitty corporation!
     
  4. viguera
    Original Member

    viguera Gold Member

    Messages:
    4,737
    Likes Received:
    6,913
    Status Points:
    4,745
    I think the problem is that the network itself is compromised... it has to be, for them to be able to pull guest information and display it in an iframe. You basically see the login page that has your name, room number, etc. and you assume that whatever is going on in there is coming from the hotel, so there's no cause for alarm.

    However, the exploits are loaded in the iframe (whether they're flash, IE, whatever) and the code is signed so even if you're using something like HTTPS Everywhere you wouldn't get a warning, other than the fact that it's using a weak key (and the keys were not stolen).

    So basically you get something like a keylogger installed by the iframe and next thing you know it doesn't matter if you use a VPN... it's your machine that's already compromised, not your connection.

    The only way you can avoid this is a) avoid the hotel network altogether, b) use an account that has no rights.

    I personally bring my own hotspot when I travel precisely because I don't trust other people's networks, and even then I use a hardened machine because I'm paranoid.
     
    Sammich likes this.
  5. anileze

    anileze Gold Member

    Messages:
    4,961
    Likes Received:
    12,787
    Status Points:
    10,675
    Looks like another aspect missing, the possible compromise of the transport layer. Many (if not most) wifi network(s) use AP (Access Points) with Controllers, such as products of Aruba or Bluesocket et, al. Unless one is also paranoid about the cellular carrier snooping ;) one should use USB tethering through one's cellphone. OTH, the IT departments of these VIP execs are'nt doing due dilligence with their big boys ;)
     
  6. okrogius

    okrogius Silver Member

    Messages:
    696
    Likes Received:
    853
    Status Points:
    795
    Assuming you keep a machine patched to latest os and browser updates, your risk is substantially smaller. Zero-days exist, but hotel wifi isn't any more of a likelihood to get them than other means.

    Typical wifi security issues are snooping based, and that's easily solved by SSL and VPN.
     
  7. okrogius

    okrogius Silver Member

    Messages:
    696
    Likes Received:
    853
    Status Points:
    795
    Different attack point. VPN helps with ensuring the network communication is private and verifying the party you're talking to is in fact that party. That of course assumes your machine is secure (both a question of being virus-free and physical security).
     
    anileze likes this.
  8. Lionell

    Lionell Gold Member

    Messages:
    767
    Likes Received:
    3,248
    Status Points:
    1,810
    That is one of the reason that I have a firewall and vpn running on every single machine I own. Even got my girlfriend convinced about the use of a vpn on her laptop. You never know what goes on hotel wifi networks. I have seen it on the train in Holland that people put up a bogus so called free network on the train to lure people to connect. Only difference was a typo in the URL of the hotspot portal site.

    Always be on the lookout!
     
  9. PaulOnion

    PaulOnion Silver Member

    Messages:
    67
    Likes Received:
    41
    Status Points:
    160
    Yes and I've seen a fairy fly across the sky in Disney World, so what's your point?
     
  10. Lionell

    Lionell Gold Member

    Messages:
    767
    Likes Received:
    3,248
    Status Points:
    1,810
    That you shouldn't trust any kind of public (free) wifi and always use security precautions such as vpn. Or go as far as using PGP, but that would require all involved parties to use it. But then again, I'm a bit autistic when it comes to security...
     
  11. Lionell

    Lionell Gold Member

    Messages:
    767
    Likes Received:
    3,248
    Status Points:
    1,810
  12. Captain Oveur
    Original Member

    Captain Oveur Gold Member

    Messages:
    7,243
    Likes Received:
    14,058
    Status Points:
    12,520
    I think I'm more bothered by the fact I have the 80s tune "One Night In Bangkok" stuck in my head now.
     
    Lionell likes this.
  13. PaulOnion

    PaulOnion Silver Member

    Messages:
    67
    Likes Received:
    41
    Status Points:
    160
    Well whoever did the "hack" really needs to just get a couple of copies of the latest PS4 games and have at it. Lots of pent up frustration there. Unless it really was state sponsored. But I doubt that .

    Oh and mine this week happens to hearken all the way back to 1973.

    "Me and You and a Dog named Boo" . What a haircut!
     

Share This Page