Technology Sectors

Market Sectors

International travelers’ laptops vulnerable at hotel Internet connections abroad

Tue, 2012-05-22 07:35 AM

The FBI is warning traveling commercial and government laptop users that malicious programs can worm their way onto their machines through hotel connections overseas through bogus software updates.

A May 21 bulletin from the FBI’s Internet Crime Complaint Center (IC3) warns that malware disguised as innocuous software updates awaits unwary travelers as they log onto hotel-hosted Internet connections. The agency said recent analysis from its investigators and other government agencies showed that Cyber criminals are targeting travelers through pop-up windows while they connect to the Internet in their hotel rooms. Apparently, criminals set up bogus hotel connections to intercept traffic before the hotel guest can reach the legitimate hotel connection.

It said recent cases show the malware presents the traveler with a pop-up window telling them to update a widely-used software product.

In these instances, the travelers attempting to set up the hotel room Internet connection and was presented with a pop-up window notifying the user to update a widely used software product, it said. The pop-up window looks like a common software update notice, according to the agency. If the laptop user clicks on “accept” to install the update, they install the malware.

IC3 recommended all government, private industry, and academic personnel traveling abroad be extra cautious before updating software using hotel Internet connections. It also recommended checking the author or digital certificate of any prompted update to see if it corresponds to the software vendor. If it doesn’t, it may reveal an attempted attack, it said.

The agency also advised travelers perform software updates on laptops immediately before they go on a trip and download software updates directly from the software vendor’s website if updates are necessary while abroad.

It said anyone who thinks they have been targeted for this kind of attack should contact a local FBI office and report it to the IC3 Web site Anyone who believes he or she has been a target of this type of attack should immediately contact a local FBI office and promptly report it to the IC3’s website. The IC3’s complaint database links complaints together to refer them to the appropriate law enforcement agency for case consideration. The complaint information is also used to identify emerging trends and patterns, said the FBI.

Tags:

Upcoming Events

Event Details	Dates of Event
Mission Command	Jun 10 - 12
Cyber Securty Brainstorm	Jun 11 - 11
EDGE Summit 2013	Jun 11 - 11
IPv6 Summit 2013	Jun 14 - 16
SANSFIRE 2013	Jun 15 - 22
Oak Ridge National Laboratory's 2nd Biosurveillance Symposium	Jun 17
Biodetection Technologies 2013	Jun 18 - 19
Southwest Microwave Seminar	Jun 18 - 18
Cyber Defense and Network Security Summit	Jun 24 - 26
Vanguard Security & Compliance 2013	Jun 24 - 27
SANS Canberra 2013	Jul 1 - 13
Border Management & Technologies Summit	Jul 2 - 5
SANS Rocky Mountain 2013	Jul 15 - 20
SANS Mumbai 2013	Jul 22 - 27
Cyber Security Brainstorm	Jul 24 - 24
SANS San Francisco 2013	Jul 29 - Aug 3
SANS Boston 2013	Aug 5 - 10
Cyber Security for Government	Aug 12 - 14
SANS Thailand 2013	Aug 19 - 31
SANS Virginia Beach 2013	Aug 19 - 30
Maritime Security 2013 West	Aug 19 - 21
930gov: Strategic Buying at Year-End Showcase	Aug 21 - 21
SANS Melbourne 2013	Sep 2 - 7
SANS Capital City 2013	Sep 3 - 8
US/Canada Border Conference	Sep 12 - 13
Network Security 2013	Sep 14 - 23
Cyber Intelligence Europe	Sep 17 - 19
EnergySec 9th Annual Security Summit	Sep 17 - 19
iFSO International Facility Security Officer Conference	Sep 17 - 19
International Facility Security Officer Conference	Sep 17 - 19
DefendUSA	Sep 19 - 20
ASIS Foundation Golf Tournament	Sep 23 - 23
NCT: CBRNe Asia, 24-27 September 2013, Kuala Lumpur	Sep 24 - 27
ASIS Foundation Night at ASIS 2013	Sep 26 - 26
SANS Bangalore 2013	Oct 14 - 26
SOS SANS October Singapore 2013	Oct 21 - Nov 2