Russia-linked hackers targeted hotel guests across Europe: security firm

From Reuters - August 11, 2017

FRANKFURT (Reuters) - A cyber-spying group with suspected links to Russian military intelligence was probably behind a campaign targeting hotel guests in eight mostly European countries last month, researchers at security firm FireEye said on Friday.

The espionage group, dubbed APT 28, sought to steal password credentials from Western government and business travelers using hotel wi-fi networks, in order then to infect theirorganizational networks back home, FireEye said in a report (

The wave of attacks during the first week of July targeted travelers who were staying in several hotel chains in at least seven countries in Europe and one in the Middle East, it said.

These preliminary findings are the latest to allege that Russia is engaged in far-flung hacking activity aimed at governments, businesses and election campaigns, including Hillary Clinton's unsuccessful White House bid last year.

Several governments and security research firms have linked APT 28 to the GRU, Russia's military intelligence directorate.Other researchers have tracked the same pattern of attacks, but stopped short of linking APT 28 to the Russian state.

Moscow vehemently denies the accusations.

Benjamin Read, manager of cyber espionage analysis for U.S.-based FireEye, said the technical exploits and remote chain of command used to mount the attacks all clearly pointed to APT 28, whose vast scope of activities his firm has detailed since 2014.

"We are moderately confident in our assessment," Read told Reuters, saying this was because the technical inquiry was still in its early days. "We just do not have the smoking gun yet."


Continue reading at Reuters »