/vnd/media/agency_attachments/bGjnvN2ncYDdhj74yP9p.png)
/vnd/media/post_banners/wp-content/uploads/2015/07/cyberattack_1805164b.jpg)
NEW DELHI: Cybersecurity firm Kaspersky Lab has discovered that the “Darkhotel”, an elite spying crew uncovered by its experts in 2014 and famous for infiltrating Wi-Fi networks in luxury hotels, has been using a zero-day vulnerability from Hacking Team’s collection after the leak of Hacking Team files on July 5.
This is not the group’s only zero-day; Kaspersky Lab estimates that over the past few years it may have gone through half a dozen or more zero-days targeting Adobe Flash Player, apparently investing significant money in supplementing its arsenal.
In 2015, the Darkhotel group extended its geographical reach around the world while continuing to spearphish targets in North and South Korea, Russia, Japan, Bangladesh, Thailand, India, Mozambique and Germany.
Kaspersky Lab’s security researchers have registered new techniques and activities from Darkhotel, a known advanced persistent threat (APT) actor that has been active for almost eight years.
In attacks dated 2014 and earlier, the group misused stolen code-signing certificates and employed unusual methods like compromising hotel Wi-Fi to place spying tools on targets’ systems. In 2015, many of these techniques and activities have been maintained, but Kaspersky Lab has also uncovered new variants of malicious executable files, the ongoing use of stolen certificates, relentless spoofing social-engineering techniques and the deployment of Hacking Team’s zero-day vulnerability,