FRANKFURT: A cyber-spying group with suspected links to Russian military intelligence was probably behind a campaign targeting hotel guests in eight mostly European countries last month, researchers at security firm FireEye said on Friday.
The espionage group, dubbed APT 28, sought to steal password credentials from Western government and business travelers using hotel Wi-Fi networks, in order then to infect their organizational networks back home, FireEye said in a report.
The wave of attacks during the first week of July targeted travelers who were staying in several hotel chains in at least seven countries in Europe and one in the Middle East, it said.
These preliminary findings are the latest to allege that Russia is engaged in far-flung hacking activity aimed at governments, businesses and election campaigns, including Hillary Clinton’s unsuccessful White House bid last year.
Several governments and security research firms have linked APT 28 to the GRU, Russia’s military intelligence directorate. Other researchers have tracked the same pattern of attacks, but stopped short of linking APT 28 to the Russian state.
Moscow vehemently denies the accusations.
Benjamin Read, manager of cyber espionage analysis for US-based FireEye, said the technical exploits and remote chain of command used to mount the attacks all clearly pointed to APT 28, whose vast scope of activities his firm has detailed since 2014.
“We are moderately confident in our assessment,” Read told Reuters, saying this was because the technical inquiry was still in its early days. “We just don’t have the smoking gun yet.”
The latest attempts were identified and thwarted in the initial infiltration stage. But similar methods were used in the autumn of 2016 at hotels in Europe, and managed to breach the computer of a US government employee, he said.
In the July attacks, FireEye found spear-phishing emails were used to trick hotel employees to download an infected hotel reservation document, which then installed Gamefish malware run remotely from Internet sites known to be controlled by APT 28.
This foothold gave the cyber spies control over guest wifi networks and could help them grab passwords of targeted victims and sniff unencrypted data being transmitted to shared network drives in the up-market, business-class hotels of major cities.
“We did not observe any guest credentials being stolen. However there were multiple hotel chains targeted and we don’t know the full extent of the operation,” Read said.
The July attacks took advantage of a recently leaked piece of malicious software known as EternalBlue, believed to have been stolen from the US National Security Agency, giving hackers a highly sophisticated way to move silently inside organizations’ networks once they infect even a single machine.
It was also EternalBlue that fueled the worldwide spread of WannaCry ransomware in May and the NotPetya attack against Ukraine in June, which fanned out globally to hit dozens of major firms.
The 2016 hotel attacks tricked one user with a fake Adobe Flash update and were likely launched by a nearby hacker on the same guest Wi-Fi network, FireEye said. APT 28 logged into the guest’s web-based Outlook e-mail account 12 hours later, it said.
The government employee returned to the US and the infection spread to their agency when their computer was reconnected to the network, Read said.
He declined to comment on how far the attack reached or whether it caused any damage.
![]()
Russia-linked hackers ‘targeted hotel guests across Europe’
Russia-linked hackers ‘targeted hotel guests across Europe’
Trump to host Colombia’s Petro just weeks after insulting him as a ‘sick man’ fueling drug trade
WASHINGTON: President Donald Trump is set to welcome Colombian President Gustavo Petro to the White House on Tuesday for talks only weeks after threatening military action against the South American country and accusing the leader of pumping cocaine into the United States.
US administration officials say the meeting will focus on regional security cooperation and counternarcotics efforts. And Trump on Monday suggested that Petro — who has continued to criticize Trump and the US operation to capture Venezuela’s Nicolás Maduro — seems more willing to work with his administration to stem the flow of illegal drugs from Colombia.
“Somehow after the Venezuelan raid, he became very nice,” Trump told reporters. “He changed his attitude very much.”
Yet, bad blood between the leaders overshadows the sit-down, even as Trump sought to downplay any friction on the eve of the visit.
The conservative Trump and leftist Petro are ideologically far apart, but both leaders share a tendency for verbal bombast and unpredictability. That sets the stage for a White House visit with an anything-could-happen vibe.
In recent days, Petro has continued poking at the US president, calling Trump an “accomplice to genocide” in the Gaza Strip, while asserting that the capture of Maduro was a kidnapping.
And ahead of his departure for Washington, Petro called on Colombians to take to the streets of Bogotá during the White House meeting.
There’s been a shift in US-Colombia relations
Historically, Colombia has been a US ally. For the past 30 years, the US has worked closely with Colombia, the world’s largest producer of cocaine, to arrest drug traffickers, fend off rebel groups and boost economic development in rural areas.
But relations between the leaders have been strained by Trump’s massing US forces in the region for unprecedented deadly military strikes targeting suspected drug smuggling boats in the Caribbean Sea and eastern Pacific. At least 126 people have been killed in 36 known strikes.
In October, the Trump administration announced it was imposing sanctions on Petro, his family and a member of his government over accusations of involvement in the global drug trade.
The Treasury Department leveled the penalties against Petro; his wife, Veronica del Socorro Alcocer Garcia; his son, Nicolas Fernando Petro Burgos; and Colombian Interior Minister Armando Alberto Benedetti.
The sanctions, which had to be waived to allow Petro to travel to Washington this week, came after the US administration in September announced it was adding Colombia to a list of nations failing to cooperate in the drug war for the first time in three decades.
Then came the audacious military operation last month to capture Maduro and his wife to face federal drug conspiracy charges, a move that Petro has forcefully denounced. Following Maduro’s ouster, Trump put Colombia on notice, and ominously warned Petro he could be next.
Colombia is “run by a sick man who likes making cocaine and selling it to the United States,” Trump said of Petro last month. “And he’s not gonna be doing it very long, let me tell you.”
But a few days later, tensions eased somewhat after a call between the leaders. Trump said Petro in their hourlong conversation explained “the drug situation and other disagreements.” And Trump extended an invitation to Petro for the White House visit.
Trump on a couple of occasions has used the typically scripted leaders’ meetings to deliver stern rebukes to counterparts in front of the press.
Trump and Vice President JD Vance lashed out at Ukrainian President Volodymyr Zelensky in February for showing insufficient gratitude for US support of Ukraine. Trump also used a White House meeting in May to forcefully confront South African President Cyril Ramaphosa,accusing the country, with reporters present, of failing to address Trump’s baseless claim of the systematic killing of white farmers.
It was not clear that the meeting between Trump and Petro would include a portion in front of cameras.
US administration officials say the meeting will focus on regional security cooperation and counternarcotics efforts. And Trump on Monday suggested that Petro — who has continued to criticize Trump and the US operation to capture Venezuela’s Nicolás Maduro — seems more willing to work with his administration to stem the flow of illegal drugs from Colombia.
“Somehow after the Venezuelan raid, he became very nice,” Trump told reporters. “He changed his attitude very much.”
Yet, bad blood between the leaders overshadows the sit-down, even as Trump sought to downplay any friction on the eve of the visit.
The conservative Trump and leftist Petro are ideologically far apart, but both leaders share a tendency for verbal bombast and unpredictability. That sets the stage for a White House visit with an anything-could-happen vibe.
In recent days, Petro has continued poking at the US president, calling Trump an “accomplice to genocide” in the Gaza Strip, while asserting that the capture of Maduro was a kidnapping.
And ahead of his departure for Washington, Petro called on Colombians to take to the streets of Bogotá during the White House meeting.
There’s been a shift in US-Colombia relations
Historically, Colombia has been a US ally. For the past 30 years, the US has worked closely with Colombia, the world’s largest producer of cocaine, to arrest drug traffickers, fend off rebel groups and boost economic development in rural areas.
But relations between the leaders have been strained by Trump’s massing US forces in the region for unprecedented deadly military strikes targeting suspected drug smuggling boats in the Caribbean Sea and eastern Pacific. At least 126 people have been killed in 36 known strikes.
In October, the Trump administration announced it was imposing sanctions on Petro, his family and a member of his government over accusations of involvement in the global drug trade.
The Treasury Department leveled the penalties against Petro; his wife, Veronica del Socorro Alcocer Garcia; his son, Nicolas Fernando Petro Burgos; and Colombian Interior Minister Armando Alberto Benedetti.
The sanctions, which had to be waived to allow Petro to travel to Washington this week, came after the US administration in September announced it was adding Colombia to a list of nations failing to cooperate in the drug war for the first time in three decades.
Then came the audacious military operation last month to capture Maduro and his wife to face federal drug conspiracy charges, a move that Petro has forcefully denounced. Following Maduro’s ouster, Trump put Colombia on notice, and ominously warned Petro he could be next.
Colombia is “run by a sick man who likes making cocaine and selling it to the United States,” Trump said of Petro last month. “And he’s not gonna be doing it very long, let me tell you.”
But a few days later, tensions eased somewhat after a call between the leaders. Trump said Petro in their hourlong conversation explained “the drug situation and other disagreements.” And Trump extended an invitation to Petro for the White House visit.
Trump on a couple of occasions has used the typically scripted leaders’ meetings to deliver stern rebukes to counterparts in front of the press.
Trump and Vice President JD Vance lashed out at Ukrainian President Volodymyr Zelensky in February for showing insufficient gratitude for US support of Ukraine. Trump also used a White House meeting in May to forcefully confront South African President Cyril Ramaphosa,accusing the country, with reporters present, of failing to address Trump’s baseless claim of the systematic killing of white farmers.
It was not clear that the meeting between Trump and Petro would include a portion in front of cameras.
Latest updates
Recommended
© 2026 SAUDI RESEARCH & PUBLISHING COMPANY, All Rights Reserved And subject to Terms of Use Agreement.