Holidaymakers are warned against using hotel wifi after hackers used it to spy on guests and steal their passwords

EVERYONE expects hotels to have wifi on their holiday these days – how else are you supposed to share holiday snaps on Instagram?

But experts are now warning that holidaymakers should avoid publicly accessible internet spots.

3

A cyber-spying group with suspected links to Russian military intelligence has been accused of targeting hotel guests in eight mostly European countries last month.

According to security firm FireEye, the espionage group, dubbed APT 28, sought to steal password credentials from Western government and business travellers using hotel wifi networks, in order then to infect their organisational networks back home.

The wave of attacks during the first week of July targeted travellers who were staying in several hotel chains in at least seven countries in Europe and one in the Middle East.

They are the latest findings to allege that Russia is engaged in far-flung hacking activity aimed at governments, businesses and election campaigns, including Hillary Clinton's unsuccessful White House bid last year.

Several governments and security research firms have linked APT 28 to the GRU, Russia's military intelligence directorate, while other researchers have tracked the same pattern of attacks, but stopped short of linking APT 28 to the Russian state.

Moscow vehemently denies the accusations.

3

According to Benjamin Read, manager of cyber espionage analysis for FireEye, spear-phishing emails were used to trick hotel employees to download an infected hotel reservation document last month.

It then installed GAMEFISH malware run remotely from internet sites known to be controlled by APT 28.

ROGUE ROBES Are you a hotel room thief? Staff reveal you will almost certainly get away with nabbing towels and slippers

This foothold gave the cyber spies control over guest wifi networks and could help them grab passwords of targeted victims and sniff unencrypted data being transmitted to shared network drives.

But the attempts last month were identified and thwarted in the initial infiltration stage.

He added: "We did not observe any guest credentials being stolen. However there were multiple hotel chains targeted and we don't know the full extent of the operation."

3

This isn't the first time that Brits have been spied on through wifi - last year Sun Online revealed that

big high street stores had been secretly tracking shoppers movements using signals from mobile phone wifi.
Retailers say that the technology allows them to better understand customers and improve the shopping experience in store - but that the data they collect is anonymous.

Millions of people fall victim to fraud or cyber crime every year, and there's a new way to find out if you're an easy target.

Consumer group Which? has launched a test which gives you a fraud risk score and explains how you can help protect yourself in future.

MORE HOTEL STORIES

STAR RATING

E4 is offering Brits FREE holidays at a 5* hotel run by celebs in the Med (and they even want hens and stags)

DOG'S DINNER

Hotels across the UK now do room service for dogs... with steak tartare and sushi on the menu

tipadvisor

Hotel boss fined £7k after guests slam disgusting B&B with blood on the walls and slugs on towels falsely advertised as 'Four Stars'

IN THE LAP OF LUXURY

This hotel has been voted the best in the world... but you'll never guess where it is