Hotel Wi-Fi could be feeding your computer malware

Be more cautious if you plan to surf in posh hotels.

Hundreds of thousands of tourists and visitors are, or have been, at risk of being hacked because wireless routers used at many hotel chains carry a serious vulnerability, according to a security firm that uncovered the flaw earlier this month.

Several of ANTLabs' InnGate routers, which are popular across the hospitality industry, have an authentication flaw in their firmware that could, in theory, allow an attacker to inject malware into guests' devices as well as monitor and record data sent over the network.

Security firm Cylance, which unearthed the vulnerability, claims that eight of the top 10 hotel chains worldwide might run a vulnerable device (either from the IG 3100 or InnGate 3 series).

Hotels targeted already

It did acknowledge that having the routers placed behind a firewall helps mitigate the threat as it would require the attacker to be physically closer to the target.

The discovery comes after researchers at another security outfit, Kaspersky Labs, found out that an entity had been carrying out attacks on specific guests who had been staying at high-end hotels in Asia and the US.

ANTlabs has issued a software update which is available from its website, following the official disclosure of the flaw by the CERT Coordination Center team.

Free Wi-Fi is one of the more popular features demanded by guests, who are wanting to share snaps of their holidays with friends and family, among other things.

Desire Athow
Managing Editor, TechRadar Pro

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website builders and web hosting when DHTML and frames were in vogue and started narrating about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium.