Security researchers have put out a call to the public to help verify the claim that hackers that are targeting Wi-Fi networks in hotels.
The warning was sounded last week, with the US Federal Bureau of Investigation (FBI) issuing an intelligence note stating that its recent analysis has found that travellers are being targeted when they connect to their hotel room internet connections.
"In these instances, the traveller was attempting to set up the hotel room internet connection, and was presented with a pop-up window notifying the user to update a widely used software product. If the user clicked to accept and install the update, malicious software was installed on the laptop," the note said.
In light of this claim, Errata Security researcher Robert Graham has put out a call, asking information security professionals to send back information whenever they are in a hotel, so that the issue can be investigated further.
Graham has four theories on how the hackers are carrying out the attack:
They have an evil Wi-Fi access point you connect to instead of the hotel's
They compromise the hotel's access point and install OpenWRT on it
They compromise a deep-packet-inspect device inside the hotel's network
They compromise a device in the upstream network.
In order to figure out which method is being used, however, Graham requires fresh information.
Novice users can easily email the source code of web pages to Graham if they are don't know what suspicious code to look for, but Graham hopes that the more technical minded will also be able to send dumps of raw capture logs when a user attempts to access a log-in page.