3 main cyber-threats to be on the lookout for during the holidays
While summer might be almost over, letting one’s guard down is still a risk – one we’re not willing to take. For
this reason, we’ve listed here the three main cyber-threats to be on the lookout for when you’re not too
carried away with the scenery.
1. The dangers of public Wi-Fi
Be it at the airport, in coffee shops or back at your hotel room, public Wi-Fi is a particularly tricky thing nowadays.
For one thing, it’s free, which makes it the easiest and the most attractive option for tourists. But just because
something’s convenient doesn’t necessarily mean it’s also safe. Where there’s complimentary Wi-Fi, there are
probably a dozen hackers lurking around, looking for ways to compromise your computer.
One such example is the DarkHotel hacker group, active for more than 10 years according to ZDNet. The group
is apparently dropping very ingenious malware on luxury hotels and carefully handpicking its targets, which
include political representatives and company executives.
Dubbed Inexsmar, the cyber-attack is conducted in several stages: first the hotel’s Wi-Fi network is compromised
(either by exploiting vulnerabilities in server software, or by getting physical access to the infrastructure), then
users of interest are targeted using highly convincing phishing emails.
A Word file that actually contains a Trojan payload is attached to the message, so that, once the file is opened,
the user is completely distracted from the malicious software that is downloading itself onto the
computer. One must note that this Trojan is more evolved than others since it does not send its payload all at
once, managing to cover its tracks and remain undetected.
Stay on the lookout for Inexsmar by being extra-careful with your emails while away from work. Social
engineering is never on leave of absence.
2. The two-faced taxi app
Uber has become increasingly popular and hackers are not shying away from the opportunity that transportation
apps present. While Uber and other taxi apps haven’t been hacked per se, another Trojan
is wreaking havoc on Android phones by impersonating the interfaces of our favorite ride apps.
Dubbed Faketoken, its end goal is to get its hands on your bank credentials. That being said, the first sign of
infection is related to this very piece of information: if your app asks you to re-enter your card details, don’t! If
you’ve been using the app for a while, it should already have this information. There are cases when a credit
card expires and information must be re-entered; however, we advise you to proceed with caution.
While this is not the first time we’ve heard of the malware in question, Faketoken has definitely gotten more
sophisticated as time has passed. According to security experts, the Trojan generally infects smartphones through
bulk SMS messages with a prompt to download images. Sound familiar? You’ve certainly received one of these
weird texts on your mobile before. Now, if you ignore it, nothing happens. Click on the link and the Trojan will
begin spying on all that goes on on your phone.
Once it detects an app whose interface it can mimic, Faketoken immediately overlays said application with its
3. A PowerPoint laced with malware
You know by now to never enable macros in suspicious Word or Excel files, but what about other files? This is
not a topic we’ve dwelled on before, but malware can also spread using PowerPoint presentations.
If you’re like most folk, you probably enjoy getting a personalized holiday e-card, you know, those old-school
PowerPoint shows that are sort of a guilty pleasure. Or maybe you’re just checking your work emails from time
to time to keep in touch with important affairs. Either way, scammers have unfortunately seized this as an
opportunity, sending out fake presentations filled with malware instead of holiday wishes or business briefings.
This time, however, hackers have gone one step further with the help of one PowerPoint trick that doesn’t even
require the user to click on a file in order for the infection to commence. Exploiting the CVE-2017-0199
vulnerability, the perpetrators rely on a completely new method that abuses PowerPoint Slide Show.
To be clear, the malware is actually a banking Trojan designed to get remote access. It spreads via phishing
campaigns containing a PowerPoint Show (.pps). It must be noted that these files differ from usual PowerPoint
files (.ppt and .pptx) in the sense that they cannot be edited and must be opened solely in presentation
mode.
Malicious links are carefully embedded in the PowerPoint slides and trigger the Trojan installation as soon as
they sense any hovering or a mouse-over action. We’ll resist the urge to say ‘neat’ and prompt you instead to
apply the same caution you’d apply to an Excel file received from a suspicious user.
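For mail-gateway or analyst triage, the mouse-over trigger described above can be checked for before anyone opens the file. The following is an added example, not code from the original article: it assumes the ZIP-based OOXML formats (.ppsx/.pptx), where a hover action appears as an hlinkMouseOver element in the slide XML; the legacy binary .pps needs a different parser. The function names and the sample archive are constructed for illustration.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET  # for untrusted files prefer defusedxml (third-party)

A_NS = "http://schemas.openxmlformats.org/drawingml/2006/main"
R_NS = "http://schemas.openxmlformats.org/officeDocument/2006/relationships"
REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
P_NS = "http://schemas.openxmlformats.org/presentationml/2006/main"
SLIDE_RE = re.compile(r"^ppt/slides/(slide\d+)\.xml$")
MAX_PART = 5 * 1024 * 1024  # skip oversized parts (zip-bomb guard)


def _read_xml(zf, name):
    """Parse one archive member, or return None if absent or too large."""
    try:
        info = zf.getinfo(name)
    except KeyError:
        return None
    if info.file_size > MAX_PART:
        return None
    return ET.fromstring(zf.read(name))


def find_hover_actions(data):
    """List every mouse-over action in the slides of an OOXML presentation."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in sorted(zf.namelist()):
            m = SLIDE_RE.match(name)
            slide = _read_xml(zf, name) if m else None
            if slide is None:
                continue
            # Relationship ids on the slide resolve through its .rels part.
            rels = {}
            rels_root = _read_xml(zf, f"ppt/slides/_rels/{m.group(1)}.xml.rels")
            if rels_root is not None:
                for rel in rels_root.iter(f"{{{REL_NS}}}Relationship"):
                    rels[rel.get("Id")] = (rel.get("Target", ""),
                                           rel.get("TargetMode") == "External")
            for el in slide.iter(f"{{{A_NS}}}hlinkMouseOver"):
                target, external = rels.get(el.get(f"{{{R_NS}}}id"), ("", False))
                findings.append({"slide": m.group(1), "action": el.get("action", ""),
                                 "target": target, "external": external})
    return findings


def suspicious(findings):
    """Hover actions that leave the document or launch a program."""
    return [f for f in findings
            if f["external"] or f["action"].startswith("ppaction://program")]


def build_sample_show():
    """Constructed, harmless sample: slide1 has a hover link, slide2 a click link."""
    def slide(tag):
        return (f'<p:sld xmlns:p="{P_NS}" xmlns:a="{A_NS}" xmlns:r="{R_NS}">'
                f'<a:rPr><a:{tag} r:id="rId2"/></a:rPr></p:sld>')
    rels = (f'<Relationships xmlns="{REL_NS}"><Relationship Id="rId2" '
            'Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/hyperlink" '
            'Target="https://example.invalid/card" TargetMode="External"/></Relationships>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("ppt/slides/slide1.xml", slide("hlinkMouseOver"))
        zf.writestr("ppt/slides/_rels/slide1.xml.rels", rels)
        zf.writestr("ppt/slides/slide2.xml", slide("hlinkClick"))
        zf.writestr("ppt/slides/_rels/slide2.xml.rels", rels)
    return buf.getvalue()


if __name__ == "__main__":
    for hit in suspicious(find_hover_actions(build_sample_show())):
        print(hit)
```

A hit is a reason to quarantine the attachment for review, not proof of malice: legitimate decks occasionally use hover links too.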
Link:
https://www.reveelium.com/en/3-main-cyber-threats-to-be-on-the-lookout-for-during-the-holidays/
