Ed note: This post originally appeared on Peter S. Vogel’s Internet, Information Technology & e-Discovery Blog.
Kaspersky identifies that Darkhotel is a group of attackers that “seems to know in advance when these individuals will arrive and depart from their high-end hotels. So, the attackers lay in wait until these travelers arrive and connect to the Internet.” The Kaspersky report issued on November 10, 2014 is entitled “THE DARKHOTEL APT A STORY OF UNUSUAL HOSPITALITY” and should be disturbing to everyone who travels, and particularly in Japan since “over 90% of it occurs in the top five countries: Japan, followed by Taiwan, China, Russia and Korea.”
eWeek reported that Darkhotel was a:
Opus 2 Steps Up Its AI Game With Acquisition Of A Legal Tech Startup
With the addition of Uncover’s technology, the litigation software is delivering rapid innovation.
cyber-espionage group has compromised the computer systems of corporate executives by infecting the networks of the hotels where they typically stay and then serving up malware while they connected to the Internet.
Here is how Darkhotel spreads:
The Darkhotel APT’s precise malware spread was observed in several hotels’ networks, where visitors connecting to the hotel’s Wi-Fi were prompted to install software updates to popular software packages.
Of course, these packages were really installers for Darkhotel APT’s backdoors, added to legitimate installers from Adobe and Google. Digitally signed Darkhotel backdoors were installed alongside the legitimate packages.
The most interesting thing about this delivery method is that the hotels require guests to use their last name and room number to login, yet only a few guests received the Darkhotel package. When visiting the same hotels, our honeypot research systems couldn’t attract a Darkhotel attack. This data is inconclusive, but it points to misuse of check-in information.
Labor and Employment Federal Litigation Trends 2026
Drawing on more than a decade of data, the report equips law firms and corporate legal teams with actionable insights to better assess risk, refine strategy, and anticipate outcomes in today’s evolving workplace disputes.
By the tone of this Kaspersky Report apparently many travelers are unaware of the privacy threats from the likes of Darkhotel.
“Peter S. Vogel’s Internet, Information Technology & e-Discovery Blog is part of the LexBlog Network (LXBN). LXBN is the world’s largest network of professional blogs. With more than 8,000 authors, LXBN is the only media source featuring the latest lawyer-generated commentary on news and issues from around the globe.”