Five-Star Darkhotel

Next story


High value targets in the pharmaceutical and private equity industries as well as law enforcement and military personnel have been the victim of “Dark Hotel”: a consistent series of attacks in operation since 2007.

“DarkHotel” used phony update packages to install malware on high value targets while they stayed at luxury hotels.

The phony updates were for popular services like GoogleToolbar, Adobe Flash and Windows Messenger. Allowing the updates to download opens the system up to malware; specifically targeting usernames and password for common services it seems.

It appears that victims were primarily based in Russia, Taiwan, Japan, China, Hong Kong and Korea. The malware wasn’t limited to a phony update package; also including emails with dodgy attachments and infections in peer-to-peer networks like BitTorrent.

Not your typical attack

Mark James, ESET security specialist, comments that “this type of targeted attack is uncommon.”

The attacks seem to be highly organised and quite possibly very well-funded. In some cases it appears that they had specific knowledge of their victims’ whereabouts.

Mark James was asked for comments by The Guardian and the International Business Times. Following the links for the rest of the story and expanded comments from Mark James.