
Dark Hotel? What security changes should I make on the ZD 1100, in relation to the new threat?

New Contributor III
What is best practice, and what changes may help on the ZD1100?

With the limited information we could gather on the root cause, WiFi seems to be a conduit to carry out the attack. However, by itself, WiFi or any of its components do not seem to be vulnerable.

Apparently the attack gets seeded into the server, that is hosting some portal, by an unknown mechanism, that lands onto the client device when hotel guests connect via WiFi (during portal-based registration).

This is purely malware with remoting via C&C, which is best handled via security firms specializing in malware detection and prevention. We've read that the impact has been limited to less than a few dozen hotels. However, the exact count is difficult, since the self-erasure technique seems pretty sophisticated.