Tag Archive for: hotels

Hacking group used ProxyLogon exploits to breach hotels worldwide



A newly discovered cyberespionage group has been targeting hotels around the world since at least 2019, as well as higher-profile targets such as governments, international organizations, law firms, and engineering companies.

Slovakian internet security firm ESET spotted the hacking group (dubbed FamousSparrow) and described it as an “advanced persistent threat.”

The cyberspies have targeted victims from all over Europe (France, Lithuania, the UK), the Middle East (Israel, Saudi Arabia), the Americas (Brazil, Canada, Guatemala), Asia (Taiwan), and Africa (Burkina Faso) in attacks spanning the last two years.

“The targeting, which includes governments worldwide, suggests that FamousSparrow’s intent is espionage,” ESET researchers Matthieu Faou and Tahseen Bin Taj said.

Figure: FamousSparrow targets' geo distribution (Image: ESET)

ProxyLogon exploits used one day after patch

The group has used multiple attack vectors in Internet-exposed web applications to breach its targets’ networks, including remote code execution vulnerabilities in Microsoft SharePoint, the Oracle Opera hotel management software, and the Microsoft Exchange security flaws known as ProxyLogon.

After breaching their victims’ networks, the group deployed custom tools such as a Mimikatz variant, a small tool designed to harvest memory contents (such as credentials) by dumping the Windows LSASS process, and SparrowDoor, a backdoor used only by FamousSparrow.

“FamousSparrow is currently the only user of a custom backdoor that we discovered in the investigation and called SparrowDoor. The group also uses two custom versions of Mimikatz,” Bin Taj explained.

“The presence of any of these custom malicious tools could be used to connect incidents to FamousSparrow.”

The espionage group also started targeting Microsoft Exchange servers not patched against the ProxyLogon vulnerabilities in March 2021, one day after Microsoft fixed the bugs.

ESET also shared info on at least ten hacking groups actively abusing these bugs after joining the March Microsoft Exchange attack frenzy.

According to reports from other security firms, in-the-wild exploitation began on January 3rd, way before the bugs were even reported to…


Watch a Hacker Hijack a Capsule Hotel’s Lights, Fans, and Beds


Kyasupā wondered if he could hack his hotel’s iPod Touch controls after they handed it to him at check-in, but he didn’t want to waste his vacation time reverse engineering the system. He says he changed his mind after a noisy neighbor kept him up for several nights. “I thought it would be nice if I could take control of his room and make him have a lovely night,” he writes. “That’s how I decided to start to analyze how everything worked.”

The iPods the hotel issued as remote controls were locked with iOS’ “guided access” setting that prevents users from leaving the Nasnos remote control app. But Kyasupā found he could simply let the iPod’s battery drain and restart it to gain full access—a hard reboot is a known guided access workaround—and the iPod didn’t have a PIN set for its lockscreen. He then saw that the iPod was connecting via Wi-Fi to a Nasnos router—each room seemed to have its own—that in turn connected via radio to the other digital devices in the room like its lights, fan, and foldout couch.

To intercept the app’s commands from the iPod to the Nasnos router, Kyasupā knew he’d have to find the password to access that router. But remarkably, he found that the Nasnos routers used WEP encryption by default, a form of Wi-Fi security known for decades to be easily crackable. “Seeing that WEP is still used in 2019, it’s crazy,” he writes. Using the program AircrackNG, he brute-forced the router’s password and connected to it from his laptop. He was then able to use his Android phone as a Wi-Fi hotspot, connect the iPod to that hotspot, and route it through his laptop. Finally, he connected the laptop to the Nasnos router via Wi-Fi and used that setup as a man-in-the-middle to eavesdrop on all the iPod’s communications to the router.

Kyasupā then tried out every function in the app—such as turning lights on and off, converting the couch to a bed, and so on—while recording the data packets sent for each one. Because the Nasnos app used no actual authentication or encryption in its communications with the router, other than the WEP Wi-Fi encryption, he could then connect to the room’s router with his laptop instead and replay those commands to trigger the…


Data Breach in Arizona Hits Restaurants, Hotels – Insurance Journal


A data breach may have compromised the personal information of customers who patronized any of 50 Arizona businesses last month. North Country Business.


Marriott Breach: Hotel’s Passport Replacement Promise Is Baloney – Fortune


Why hotel chain Marriott likely won’t have to reimburse victims of fraud for the cost of passport replacements after its data breach.
