May 09, 2012, 8:44 PM — The FBI today warned travelers there has been an uptick in malicious software infecting laptops and other devices linked to hotel Internet connections.
The FBI wasn't specific about any particular hotel chain, nor the software involved but stated: "Recent analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travelers abroad through pop-up windows while they are establishing an Internet connection in their hotel rooms.
The FBI recommends that all government, private industry, and academic personnel who travel abroad take extra caution before updating software products through their hotel Internet connection. Checking the author or digital certificate of any prompted update to see if it corresponds to the software vendor may reveal an attempted attack. The FBI also recommends that travelers perform software updates on laptops immediately before traveling, and that they download software updates directly from the software vendor's website if updates are necessary while abroad."
The FBI said typically travelers attempting to set up a hotel room Internet connection were presented with a pop-up window notifying the user to update a widely used software product. If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available.
The warning was issued through the FBI's partnership with the Internet Crime Complaint Center's (IC3) and comes on the heels of a number of other warnings such as:
Investment scam: The IC3 continues to receive complaints involving subjects who have obtained the names and Social Security numbers of individuals for illegal purposes. Subjects use the information to defraud the U.S. government by electronically submitting a fraudulent tax return to Internal Revenue Service for a hefty refund. The prevalence of such complaints mirrors the recent surge in tax fraud cases involving identity theft.