Crooks Prey on Hotel Internet Connections

If you've ever taken a laptop on a work trip, here's some troubling news: The FBI and national cybercrime agencies are warning people traveling abroad to be wary of shady scammers planting malware via insecure hotel Internet connections.

In an advisory issued yesterday (May 8), the Internet Crime Complaint Center (IC3) notes that malware perpetrators are masking their cybercrime weapons as popup software updates travelers see when setting up their Internet connections. (The IC3 is a partnership between the FBI and the National White Collar Crime Center, and is funded by the Bureau of Justice Assistance.)

"The popup window appeared to be offering a routine update to a legitimate software product for which updates are frequently available," the IC3 explained. "If the user clicked to accept and install the update, malicious software was installed on the laptop."

To mitigate the threat of contracting a harmful virus on your personal computer, or your company laptop, the FBI recommends that "all government, private industry and academic personnel who travel abroad take extra caution before updating software on their hotel Internet connection."

The FBI advises travelers to perform software updates immediately before traveling, and to download software updates only from vendors' websites.

  • SnotPuppy Says:

    I only carry a portable typewriter when I travel overseas. Problem Solved!

  • Duke Skymocker Says:

    Shouldn't it be "unsecured" connection? Insecure means something else last I checked.

  • oakhill Says:

    Sort of ho-hummed my way through the article, thinking "Well, there's nothing new here I don't already know," and then got to the comments. Hilarious. I can't believe how paranoid, or ignorant of the realities of internet use, so many people are. I investigate fraud for a living for a global bank, so get to see firsthand the fallout. The problem is very real, and very prevalent, and no, it isn't the US government (and the FBI) behind it all. (Seriously, people? Really??) Hate to bust your bubble, but the bulk of what we've been seeing the past few years is rooted in Eastern Europe. Not saying it all is, but an awful lot of it is. And they have very long arms.

  • Peg Mik Says:

    Hey JGS (from July 4, 2012) I had same exact experience with AT&T, except in Africa last July. Paid AT&T for Africa data package before I left and $440 later, they said the data package didn't cover Tanzania or Johannesburg, South Africa. Same time frame - about 2 days in July 2012.

  • iamatt Says:

    OpenBSD-CURRENT with v1 IPSEC (isakmpd) back to home vpn also running OpenBSD. Proxy traffic via tinyproxy all good.

  • Citationneeded Says:

    supergadfly : SOURCE? Put cameras in your car and show us the beef!

  • Matt IT Says:

    @Mark G Unfortunately, Linux is just as easy to install malware on. Most malware perps use Java vulnerabilities to get root access to a machine. Even more so, anytime you're on a shared wifi network, even the most amateur "hackers" can quite easily snag your passwords using Man In The Middle attacks. I HIGHLY discourage anyone from using a wifi connection without at least WPA2 encryption, and I would never use any Public WiFi for anything other than casual browsing that did not require me to log in to anything. If you need to, get yourself a VPN account. They are cheap, and prevent most common WiFi attacks.

  • Mark G Says:

    I only use linux so I consider myself reasonably safe. Any idea how tough it is to break into a linux laptop? It's frigging tough. Popups don't work on linux pc's. There are layer upon layer of security. Windows laptops suck for security. You are playing russian roulette when you travel with a windows product.

  • AfterbirthIsTasty Says:

    Have you guys ever been here before? Ohhhhhh Really.

  • Stephen Says:


    So we're not supposed to trust the government, but we're supposed to trust some nameless, faceless, no accountability yahoos who can create a website and write anything they want on it? Grand idea.

  • Tom Robinson Says:

    @jonny rocket, Linux may keep out Windows malware, but there are other kinds it doesn't. In addition, the hotel is collecting info about your browsing habits and selling it.

    Both malware and data collection are good arguments for using a VPN to secure your data at least until it gets to your ISP. While traveling in France for a month, I had a good experience with Private Tunnel. It doesn't cost that much and encrypts everything you do until it's far away from your hotel.

  • jonny rocket Says:

    you call this news? that's why i use linux on ALL my computers. no worries.


  • Paolo Says:

    The FBI spies on all of us all the time, if anyone knows they do!

  • onefeather Says:

    Oh, and just who does the FBI NOT spy on!! they have No room to talk about people who want to know all your info.

  • john Says:

    If you use a network, your computer will never be secure. If you just let software install onto your computer whenever it asks, you will most certainly get attacked. The solution is common sense, and intelligence, which I think is sorely lacking anymore today.

    Never, ever, never, never say "yes" to any software being installed on your pc. Never. Upgrades are almost always never needed. If your apps and computer are running well, why on earth would you let anything upgrade it? Why upgrade something that works? When "widgets incorporated" has a huge license with Microsoft, and they do something specific with their software that breaks it, they tell Bill's buddies who craft a "fix" for THEIR problem, and then Microsoft automatically deploys the repaired version to every windows PC on earth. You don't want that fix unless you work for widgets incorporated.

    P.S. further down is a poster who happily reports that he steals home network wifi and brags about it. A word to the wise, if you are on my home network, I can find you and you may rest assured that you will not walk away without a small gift from me to you, after I have copied all the data off your machine. Don't steal, it's not only unethical and immoral, it will come back to haunt you.

    Wake up folks, PCs are not Toasters. You have to think if you want to use them.

  • Al Prazolam Says:

    Garrick is right, especially about manual updates. When you update Flash Player (and many other programs, not just those of Adobe) manually there is another thing users have to do: uncheck the box (checked by default) that asks if you want to install, not just download, the abomination known as McAfee Security Scan Plus.

  • Linux4TheWin Says:

    Just use Linux, and your problem is solved. No viruses. No malware. No spyware. No crapware. You can just use your computer without fear and trepidation. The biggest problem here is that the most insecure operating system ever created has gained market dominance (Windows). It seems that mediocrity always becomes popular. After using Linux exclusively over the past 6 years, I've never had ANY problems. Now, when I use Windows, I feel as if I'm using my computer with handcuffs on. I feel so limited. The modern Linux distributions make Linux as easy to use (if not easier) than Microsoft Windows.

  • Asswipe44 Says:

    @ReneeMarieJones: When said OS has User Account Control disabled, mainly because the average user finds it annoying, many evil things can happen in the nighttime. Unsigned code is your friend.

  • Garrick Says:

    Adobe Flash would be the ideal update popup scammers would use. Since their updater requests installing a new update practically every week, one easily gets tired of going to their website each time and tediously searching around for specifically the flash player update it requests. Eventually everyone gets tired and gets used to clicking the OK on the popup.

  • Renee Marie Jones Says:

    Why on Earth would any operating system allow itself to be modified by unsigned code delivered from an unknown website? Sounds like a good reason to dump Windows and run Linux!

  • Homer Simpson Says:

    Who trusts the Fox guarding the Henhouse? They are trying to instill Paranoia or maybe trying to gain your trust because they have "your" interests at heart. Yeah right tell that to the 3,000 dead from 9/11. Who researched and investigated the real perpetrators? When a guy with the internet can figure out who it was not and who likely it was. Yet this institution sat there like a mute dog. To trust them is to be a fool.

  • Rick Springfield Says:

    The connection I find is one of the most risky is in Las Vegas. The no-tell motel I like to use is near the MGM. Well, it's behind the Hooters Casino. They advertise free wifi. So when you pull it up, you find it's actually a pay network but the first 24 hours is free. But if you know the right steps, you can get free 24 hours every day. I always take a laptop I prepared for travel. It never goes to work, just on the road. I use it to entertain me in travel like at motels and airports. So it's specifically designed to only go to public wifi systems and nothing else. It never accesses any credit card or bank pages. I do that with my phone apps and turn off the wifi on it when I travel. The only security risk on my travel laptop is the occasional log into my netflix account. It is a secure log in but you know hackers could get my log in info. So that would afford them access to free movies and TV. So I always change the netflix log in after a day of travel.

  • UnderSerf Says:

    @NDNntheCupboard - WHAT!?! A friend of mine and I were Wardriving in 19-freeking-seventy-EIGHT, long before America trashed the World-WIDE Web by allowing idiots on it. My friend wound up doing a couple years probation, I was never caught. For decades imbeciles would broadcast their bank PINs, account numbers and all sorts of private info (I even monitored 6 different 49 & 900 MHz phones in my 12-unit APARTMENT BUILDING) over their cordless handsets. Some goof thought he was being slick by boosting the power output (the range to the rest of you) of his 49 MHz cordless phone - from a half-mile away, his bank account got compromised in 10 minutes of monitoring him. Others left 900 MHz "baby monitors" on & transmitting 24/7 - THOSE recordings would have made for interesting blackmail material at the very least. Bottom line - if you have something someone else wants, they'll take it, period. Trick is LOOKING like you would make a lousy target. Alas, even as we secured cordless handsets, we made Web access idiot-proof. And as we all know, if you engineer stuff so an idiot can use it - idiots will. I'm just grateful they didn't make motorcycles as pathetically simple to use as the Web - if motorcycles caused the mayhem that the Web does, they would have been banned. The Reichwing conspiracy nuts are hilarious - they don't trust the gubmint to provide healthcare, regulate toxics or anything else civilian - but they have no problem with the SAME gubmint building and storing nuclear weapons for a half-century. Hypocrites...

  • M R Says:

    Buy a Mac and don't be stupid. Problem solved.

  • frerd Says:

    Blame it on BIGFOOT!!

  • JohnHolmes Says:

    OMG! It is happening! The govt wants you to believe the "conspiracy" behind the "conspiracy" that they themselves perpetuate. We all need to fear governmental control! Since they know about this "conspiracy" then they know to access all this information. Think about it? They have the $$, resources, scores of groups, and time to invest in these activities aka "conspiracies". Fight until the end. Don't give the bastards the satisfaction! I will send links for future meetings. Be on the lookout! Trust NO ONE!

  • Fatty Arbuckle Says:

    We're all gonna die!!!

  • Cal Says:

    Gee thanks, FBI. I would have never known not to download stuff from pop-up ads when traveling without this advisory. Now I can concentrate on helping foreign nationals collect their lottery winnings by sending them cash, without worrying about malware.

  • supergadfly Says:

    The Department of Justice does the same to U.S. citizens that use the internet to criticize them. They try at suppressing evidence of their harassing of me.

    Department of Justice employees tamper with their suspect's automobiles with the intention of causing an accident.

    Corrupt and stupid is a deadly combination.

    They have been tampering with my car.

    They have loosened steering linkages, tampered with seats, put nails in tires, remove wheel weights, loosened lug nuts, disabled seat belt restraints, disabled anti-lock brake systems, stealing wear item parts with parts from personal automobiles (brake pads, rotors, tires, etc...)...

    On this day 9/11/12, a corrupt DEA was witnessed tampering with my car at the Santana Row parking garage.

  • rob Says:

    How exactly is this news?

  • IT Guy Says:

    Well, if you have a 4G phone -- instead of using the hotel's wi-fi, use your phone as a router. Problem solved.

  • ed Says:

    i'd like to know where IT is getting a 3g card for 30 bucks a month... they were charging me about 50-60

  • bill the thrill Says:

    I think you guys are all pretty damn cool. So what do you all do, just hang out here and chat about computers and stuff? I love computers, I bring mine to coffee shops and hang out with my fellow coffee choppers and chat while drinking coffee. It's cool. I recently moved here to America from Poland. I live in the city and it's pretty great. Lots of babes ;) Any European babes in here wanna chat?

  • Uneducated Loser Says:

    The government is hacking my brain.

  • Diablo135 Says:

    Sylvester - you are advising us on how to not get stolen from and your advice is to steal wifi? What a pathetic moron.

  • Hotel Internet Says:

    I think this all happens due to insecure internet connection by hotel service provider.... if they will start improving the hotel internet connectivity by contracting a good network design and WiFi connectivity with encrypted password internet connectivity ... then there would be less chance to feeling insecurity and good for cyber law as well

  • Kilroy Says:

    A VPN is used to encrypt point to point communication traffic. It does nothing for end point protection. Some systems have the capability to verify patch levels and presence of current antivirus updates.

    This attack compromises your computer before a VPN is even established. The attack happens during the initial connection to the hotel wifi.

    SSL VPN will not necessarily protect you either. If the attacker uses a man in the middle attack using a SSL proxy, all communication will be compromised.

  • John Says:

    There isn't anything new or alarming about this. If you're worried about your privacy being invaded, then you need to use a VPN and SSL. And it doesn't take a government agency to put a packet sniffer on a network, if you're communicating 1's and 0's on a network the packets you send are out in the open unless you take steps to encrypt the open.

  • Tim Says:

    It's called VPN people, look into it, that will easily prevent this problem.

  • Allen Says:

    Depending on where you are travelling to just get a 3g dongle with a pre-paid data package. You can do this in most of Europe and probably elsewhere. You can top up if needed but 15 pounds got me enough bandwidth for a month. Not only is it a lot cheaper than the hotel wifi but I find the connectivity to be faster and more reliable as a bonus.

  • Akumu Says:

    The other part to comment on: NDNntheCupboard Says: you may think the fun ssl, or https sites are safe but if people run ssl strip during a man in the middle, it's game over. just thought I would pass this along.

  • Akumu Says:

    first of all the article lacks more information as to how it's done and how to prevent it. Bill Bailey Says: it's not hard to create man in the middle attacks while hijacking and spoofing packets to make people think they are downloading a real item. Using such an attack can be done by using open source tools such as backtrack. It is not hard to hear or shocking to hear that they are also knowing the same tools attackers are using, heck the military uses the same tool set to do their bidding.

  • bill r Says:

    You can duck and dodge but you can't hide. You can make it a little more difficult for hackers, but in so doing you make it harder for yourself to access your own information. Best suggestion above was not to keep anything important on your hard drive, but then, where do you keep it? Do you want to wear a money belt 24/7 containing a written list of all important confidential information? Not too practical.

    Fact is that anyone with the right tools and enough smarts and knowledge of how to use the tools can get all your information. Anyone who thinks differently is just naive.

    I travel all over the world. Have an old MacBook Pro and a new iPad2. I try to be careful about what email I download. I live in SE Asia, home of the hackers and so far I have been lucky. Someone got into my FB and Tweeter and I finally got rid of them after most of my friends on email were sent bullshit advertising that allegedly came from me. No major harm done. I use Sophos and after scanning the 4 million plus files on my puter, Sophos told me I have a threat and quarantined it. I don't know how to remove it and have given up trying. It is in quarantine.

    I use my puter for pleasure and maintaining contact with friends around the world. If I had to use it for business I'd go back to that hard line telephone. If someone wants to tap that, well, this is a country where freedom means the right to drive your motorbike in any direction on any street or sidewalk at any speed. That is the extent, so if they want to tap, go tap. I have few secrets and nothing really to hide. No money in the bank, no credit, and no time for all this nonsense.

  • Yewmustbejoking Says:

    Yes, yes, GOOGLE Chrome is so safe! Of course Google never wants to know your information! They just collect it, compile it and sell it to anybody for a fee!

    What a joke - Chrome is the last browser you should be using if you want safety and privacy.

  • dianne Says:

    VPN covers transmission. Keystroke loggers are the bigger problem.

  • NDNntheCupboard Says:

    Seriously? ID thieves have been working since the inception of the internet. Most people fail to remember the internet is one big network segmented up like any other VLAN and/or LAN. Here's my two cents that'll help you avoid the chewy chunks:

    1.) Use the Chrome browser.
    2.) Use Incognito windows in the Chrome browser.
    3.) Use VPN software to connect to secure sites.
    4.) Never have confidential or sensitive data on your hard drive AT ALL. Save, edit, and send using a secure source for accessing an HTTPS workspace or VPN protected tunnels.

    Also, Mac's are UNIX driven...thereby susceptible to malware as well. If it has's vulnerable.

  • bob Says:

    @CJ, you are an idiot. A vpn will indeed help if you have all of your traffic routed through it. All vpn solutions I know of not only encrypt traffic from point to point but also ensure that the remote end is who you think they are. Also how is "harden your network adaptor" going to help on an open (unhardened if we are going to use your retard vocabulary) wifi connection?

  • CJ Says:

    VPN's won't solve anything, it's the local wifi network you're connecting to that's the problem. Same thing would happen if you infected the local DNS server. The malware isn't downloading automatically, so all you have to do is click "no" to the install. Or even better, unreasonably harden your network adaptor so there's no possibility of it happening in the first place.

  • Joe Says:

    A lot of good points here guys, but how do we know if the Crooks, FBI, and CIA are not the ones leaving an innocent reply. Just a question.

  • Andre Says:

    My brother in law works for the FBI in "non-traditional organized crime" (read: non-Italians), and he says that the FBI knows this stuff by busting one person and getting him/her (it's usually a him) to wear a wire and snitch on his mates or to inform on the others. So, it's not like the FBI "guesses" about how this stuff works. They usually find out from the criminals themselves.
