Kaspersky Lab researchers indicated that the attackers left a footprint in a string within their malicious code pointing to a Korean-speaking actor. Kaspersky Lab’s products detect and neutralise the malicious programmes and their variants used by the Darkhotel toolkit. Kaspersky Lab is currently working with relevant organisations to best mitigate the problem.
When traveling, any network, even semi-private ones in hotels, should be viewed as potentially dangerous. The Darkhotel case illustrates an evolving attack vector: individuals who possess valuable information can easily fall victim to Darkhotel itself, as it is still active, or to something similar to a Darkhotel attack. To prevent this, Kaspersky Lab has the following tips: