Hilton Tokyo - ID stolen via Wifi (January 2016)
- Thread starter Cynicor
- Start date
- Status
Re: Hilton Tokyo - ID stolen via Wifi
Tell me about it. We all thought the issue was Dad and his computers which are old, unpatched and have adware, but realisticlly mine was the only one with enough data for everyone to be hacked, and then the AFP asked about Hilton Tokyo too... Embarrassing to say the least.
Tell me about it. We all thought the issue was Dad and his computers which are old, unpatched and have adware, but realisticlly mine was the only one with enough data for everyone to be hacked, and then the AFP asked about Hilton Tokyo too... Embarrassing to say the least.
JohnK
Veteran Member
- Joined
- Mar 22, 2005
- Posts
- 44,106
Re: Hilton Tokyo - ID stolen via Wifi
Wouldn't this be a more common problem not just with identity theft?
Daver6
Enthusiast
- Joined
- Dec 31, 2011
- Posts
- 11,024
- Qantas
- Platinum
- Virgin
- Gold
Re: Hilton Tokyo - ID stolen via Wifi
On the phone number porting side. This is why two factor authentication using SMS is considered insecure. Actually part of the reason, not the only reason.
Unless you had the documents the were compromised in a shared/public folder, I don't see how its possible they were access then UNLESS there was another "in" into your computer. Ie, password compromised or via a zero day exploit.
Not suggesting for a minute you did anything wrong. I just find it intriguing and being a field of interest to me, am curious what the actual exploit was.
On the phone number porting side. This is why two factor authentication using SMS is considered insecure. Actually part of the reason, not the only reason.
Unless you had the documents the were compromised in a shared/public folder, I don't see how its possible they were access then UNLESS there was another "in" into your computer. Ie, password compromised or via a zero day exploit.
Not suggesting for a minute you did anything wrong. I just find it intriguing and being a field of interest to me, am curious what the actual exploit was.
lovetravellingoz
Enthusiast
- Joined
- Jul 13, 2006
- Posts
- 12,709
Re: Hilton Tokyo - ID stolen via Wifi
I travel with a laptop too. But I do not store any real critical info on the actual computer (it may be lost, stolen, hacked, fail etc. The computer is just used to access that type of info if required.
For each trip I will normally as back up, and for convenience, have a travel folder with PDFs of travel vouchers, bookings etc. But that is about it.
I certainly do not store any financial details on the laptop.
My latest laptop has a fingerprint scanner for logging in, and after reading this thread I am more glad I went that way.
I travel with a laptop too. But I do not store any real critical info on the actual computer (it may be lost, stolen, hacked, fail etc. The computer is just used to access that type of info if required.
For each trip I will normally as back up, and for convenience, have a travel folder with PDFs of travel vouchers, bookings etc. But that is about it.
I certainly do not store any financial details on the laptop.
My latest laptop has a fingerprint scanner for logging in, and after reading this thread I am more glad I went that way.
Last edited:
lovetravellingoz
Enthusiast
- Joined
- Jul 13, 2006
- Posts
- 12,709
Re: Hilton Tokyo - ID stolen via Wifi
Nasty.
But from what I have read in this thread it would seem that you are just guessing it was via the wifi, and the hotel's wifi
That the AFP nominated that particular hotel means that there was something about that hotel that was involved. Hotel Wifi possibly. But lots of other possibilities including other quests, employees, or other who could just access the hotel or indeed be nearby.
ie
As already mentioned someone providing a fake free hotel internet access ( or was yours a hotel internet where you had to pay for the internet, and is so was it on your bill?)
Someone having a secret camera positioned over say the room desk so that they could see the login used. and not just the login of your laptop, but also to any of the sites you then accessed. And if you then left the laptop out when you were out they could then access your computer which would make the process of extracting data, installing data logging software a lot more difficult.
Nasty.
But from what I have read in this thread it would seem that you are just guessing it was via the wifi, and the hotel's wifi
That the AFP nominated that particular hotel means that there was something about that hotel that was involved. Hotel Wifi possibly. But lots of other possibilities including other quests, employees, or other who could just access the hotel or indeed be nearby.
ie
As already mentioned someone providing a fake free hotel internet access ( or was yours a hotel internet where you had to pay for the internet, and is so was it on your bill?)
Someone having a secret camera positioned over say the room desk so that they could see the login used. and not just the login of your laptop, but also to any of the sites you then accessed. And if you then left the laptop out when you were out they could then access your computer which would make the process of extracting data, installing data logging software a lot more difficult.
Re: Hilton Tokyo - ID stolen via Wifi
Actually - is there anywhere to store personal / financial data safely in the cloud?
I used to store mine in google drives.. but since deleted it last night after the OP's story!
Actually - is there anywhere to store personal / financial data safely in the cloud?
I used to store mine in google drives.. but since deleted it last night after the OP's story!
lovetravellingoz
Enthusiast
- Joined
- Jul 13, 2006
- Posts
- 12,709
Re: Hilton Tokyo - ID stolen via Wifi
I think that there are some apps that you can use.
But I just minimise things by:
1/ Cryptically storing the login/username (BUT not the password) buried within numerous folders in an email account if it is not something that I will 100% remember (ie some use email addresses and so need to store). My most used usernames (ie main bank, Amex) I just remember, and so it is more for accounts that are not regulars. ie credit cards that I am churning etc.
2/ I have a system that I use for passwords so that each password is unique, but that I can generate it in my head on demand. My wife knows my system and so she can access if something happened to myself.
I think that there are some apps that you can use.
But I just minimise things by:
1/ Cryptically storing the login/username (BUT not the password) buried within numerous folders in an email account if it is not something that I will 100% remember (ie some use email addresses and so need to store). My most used usernames (ie main bank, Amex) I just remember, and so it is more for accounts that are not regulars. ie credit cards that I am churning etc.
2/ I have a system that I use for passwords so that each password is unique, but that I can generate it in my head on demand. My wife knows my system and so she can access if something happened to myself.
Daver6
Enthusiast
- Joined
- Dec 31, 2011
- Posts
- 11,024
- Qantas
- Platinum
- Virgin
- Gold
Re: Hilton Tokyo - ID stolen via Wifi
The way this attack would work is instead of connecting to the hotel wifi, you connect to the bad actor's wifi access point. This access point then connects to the hotel's network. Now all traffic can be intercepted and decrypted on the layer 2 level. However, if using https, the layer 3 traffic is still going to be encrypted. The way around this would be with DNS spoofing. So when you go to gmail.com to access your email, instead you get redicrected to gmaill.com and probably don't notice the difference. Now the secure connection is between your computer and gmaill.com which belongs to the bad actor. they simply pass on the credentials to gmail.com and save them for another day to access your email account.
Chances are you wouldn't have noticed gmaill instead of gmail (just using this as an example).
If the OP only had their data stored locally on their computer and didn't transmit it, then this wasn't the attack vector used.
The way this attack would work is instead of connecting to the hotel wifi, you connect to the bad actor's wifi access point. This access point then connects to the hotel's network. Now all traffic can be intercepted and decrypted on the layer 2 level. However, if using https, the layer 3 traffic is still going to be encrypted. The way around this would be with DNS spoofing. So when you go to gmail.com to access your email, instead you get redicrected to gmaill.com and probably don't notice the difference. Now the secure connection is between your computer and gmaill.com which belongs to the bad actor. they simply pass on the credentials to gmail.com and save them for another day to access your email account.
Chances are you wouldn't have noticed gmaill instead of gmail (just using this as an example).
If the OP only had their data stored locally on their computer and didn't transmit it, then this wasn't the attack vector used.
Australia's highest-earning Velocity Frequent Flyer credit card: Offer expires: 21 Jan 2025
- Earn 60,000 bonus Velocity Points
- Get unlimited Virgin Australia Lounge access
- Enjoy a complimentary return Virgin Australia domestic flight each year
- Earn 60,000 bonus Velocity Points
- Get unlimited Virgin Australia Lounge access
- Enjoy a complimentary return Virgin Australia domestic flight each year
Re: Hilton Tokyo - ID stolen via Wifi
I am as intrigued as you are Daver, because the first phone accounts moved were my parents. I did no banking at all at the hotel. I used the hotel's wifi, but unless it was a great spoof of it, then I don't believe it was on an alternate system. As mentioned though, this wouldn't explain the attack fully anyway.
The whole camera and logging on scenario is, oddly, as plausible as any other at this point in time. They are very slick though, so I reckon they earned their money.
I am as intrigued as you are Daver, because the first phone accounts moved were my parents. I did no banking at all at the hotel. I used the hotel's wifi, but unless it was a great spoof of it, then I don't believe it was on an alternate system. As mentioned though, this wouldn't explain the attack fully anyway.
The whole camera and logging on scenario is, oddly, as plausible as any other at this point in time. They are very slick though, so I reckon they earned their money.
Re: Hilton Tokyo - ID stolen via Wifi
And it is true I have no proof that this occurred in the Hilton Toyko, except:
1. The AFP asking, and having had over several months, similar events with that being the only known connection. Also reports from 1 or 2 others around the world with similar claims.
2. The timing of the attack- it was within 2 weeks of leaving this hotel.
3. My computer being the likely vector makes the most sense, as I have a lot of info on my parents on it- I book all of their flights.
4. No better explanation.
I am fully open to the idea that there is another answer, but no one has really given me a plausible alternative.
This is the article about the students who opened accounts in WA. No idea if there was any relationship to my issues.
http://www.abc.net.au/news/2016-03-...elaiton-to-estonian-bank-account-scam/7221832
And it is true I have no proof that this occurred in the Hilton Toyko, except:
1. The AFP asking, and having had over several months, similar events with that being the only known connection. Also reports from 1 or 2 others around the world with similar claims.
2. The timing of the attack- it was within 2 weeks of leaving this hotel.
3. My computer being the likely vector makes the most sense, as I have a lot of info on my parents on it- I book all of their flights.
4. No better explanation.
I am fully open to the idea that there is another answer, but no one has really given me a plausible alternative.
This is the article about the students who opened accounts in WA. No idea if there was any relationship to my issues.
http://www.abc.net.au/news/2016-03-...elaiton-to-estonian-bank-account-scam/7221832
- Joined
- Jun 18, 2015
- Posts
- 614
- Qantas
- Bronze
- Virgin
- Red
Re: Hilton Tokyo - ID stolen via Wifi
Possible laptop cloning when you were not in the room?
The WiFi vector seems a stretch to get so much info.
What about the hotel itself having their point of sale systems compromised with your info being in there.
Possible laptop cloning when you were not in the room?
The WiFi vector seems a stretch to get so much info.
What about the hotel itself having their point of sale systems compromised with your info being in there.
Re: Hilton Tokyo - ID stolen via Wifi
Had to be via laptop in some way, unless it is Hilton Worldwide that is the issue, as my parents were in another part of the world at the same time, and so was my brother.
Cloning/access was a possibility I had not considered, but I think they would have needed a password to get to anything?
Had to be via laptop in some way, unless it is Hilton Worldwide that is the issue, as my parents were in another part of the world at the same time, and so was my brother.
Cloning/access was a possibility I had not considered, but I think they would have needed a password to get to anything?
Isochronous
Established Member
- Joined
- Dec 18, 2009
- Posts
- 4,679
Re: Hilton Tokyo - ID stolen via Wifi
Chilling story - now makes one think how we should deal with keeping passport/bank statement etc scans and the best way of protecting those.
Chilling story - now makes one think how we should deal with keeping passport/bank statement etc scans and the best way of protecting those.
Daver6
Enthusiast
- Joined
- Dec 31, 2011
- Posts
- 11,024
- Qantas
- Platinum
- Virgin
- Gold
Re: Hilton Tokyo - ID stolen via Wifi
Use something like https://www.veracrypt.fr/en/Home.html would be my suggestion. However, that's not going to protect you if someone has a back-door into your computer. Once you have the virtual disk decrypted to access the information, so could the bad actor with access to your machine.
Use something like https://www.veracrypt.fr/en/Home.html would be my suggestion. However, that's not going to protect you if someone has a back-door into your computer. Once you have the virtual disk decrypted to access the information, so could the bad actor with access to your machine.
I about it at the time, actually, and on the FT thread on the hotel. Welcome to go hunt for them 
This was recently split off from a thread on which Hilton to stay in Tokyo, and I added the final paragraph as an aside, which sparked a longer conversation.
*edit* You post actually annoyed me as it sounded slightly accusatory but I've gone back to the original and the way it has been cut does leave a lot of ambiguity. I'll ask a mod to add "on my last stay in Jan 2016" to the first post.
This was recently split off from a thread on which Hilton to stay in Tokyo, and I added the final paragraph as an aside, which sparked a longer conversation.*edit* You post actually annoyed me as it sounded slightly accusatory but I've gone back to the original and the way it has been cut does leave a lot of ambiguity. I'll ask a mod to add "on my last stay in Jan 2016" to the first post.
- Status
Become an AFF member!
Join Australian Frequent Flyer (AFF) for free and unlock insider tips, exclusive deals, and global meetups with 65,000+ frequent flyers.AFF members can also access our Frequent Flyer Training courses, and upgrade to Fast-track your way to expert traveller status and unlock even more exclusive discounts!
AFF forum abbreviations
Wondering about Y, J or any of the other abbreviations used on our forum?Check out our guide to common AFF acronyms & abbreviations.
