Big Vulnerability In Hotel Wi-Fi Router Puts Guests At Risk

An anonymous reader writes Guests at hundreds of hotels around the world are susceptible to serious hacks because of routers that many hotel chains depend on for their Wi-Fi networks. Researchers have discovered a vulnerability in the systems, which would allow an attacker to distribute malware to guests, monitor and record data sent over the network, and even possibly gain access to the hotel's reservation and keycard systems. The vulnerability, which was discovered by Justin W. Clarke of the security firm Cylance, gives attackers read-write access to the root file system of the ANTlabs devices. The discovery of the vulnerable systems was particularly interesting to them in light of an active hotel hacking campaign uncovered last year by researchers at Kaspersky Lab. In that campaign, which Kaspersky dubbed DarkHotel.

Cookie authenticated or open WiFi is insecure?

[jafiwam]

Isn't it sort of obvious that hotel networks are a free-for-all security wise?

Use a VPN and SSL.

Re:Tom Bodette will leave the wifi on for you

[Errol+backfiring]

I think you do pay for the wifi. In hotels, it is usually not "free wifi" but "wifi included in the package". If you only visit the hotel without renting a room it may still be open, but it is meant for the paying guests.