Kremlin's hackers 'wield stolen NSA exploit to spy on hotel guests in Europe, Mid East'

Russian hackers accused of ransacking the US Democratic party's servers last year may now be targeting hotels in Europe and the Middle East, it is claimed. Miscreants are using various techniques, including the leaked NSA EternalBlue exploit also wielded by the WannaCry malware, to hack into laptops and other devices used by …

  1. Lars Silver badge
    Happy

    Curious to know

    How do you patch a Windows system so that it's safe to click on a .doc file, and how do you open it without clicking on it.

    1. Anonymous Coward
      Facepalm

      Re: Curious to know

      "How do you patch a Windows system so that it's safe to click on a .doc file, and how do you open it without clicking on it."

      You don't, you just deflect blame onto "Putin's favorite attack dogs" :)

    2. Doctor Syntax Silver badge

      Re: Curious to know

      "How do you patch a Windows system so that it's safe to click on a .doc file"

      Remove Word.

      1. Anonymous Coward

        Re: Curious to know

        Remove Windows and install Linux and Libre/Open Office.

    3. Ken Moorhouse Silver badge

      Re: Curious to know

      >How do you patch a Windows system so that it's safe to click on a .doc file, and how do you open it without clicking on it.

      Use OpenOffice or LibreOffice.

    4. Law

      Re: Curious to know

      "How do you patch a Windows system so that it's safe to click on a .doc file, and how do you open it without clicking on it."

      An older lecturer at university when I was a student refused to use any GUI-based email or word processing software, this was around Win 95 / 98. His reasoning was it was much harder to "catch a cold" using command line based email... he had a point.

    5. Pompous Git Silver badge
      Angel

      Re: Curious to know

      "How do you patch a Windows system so that it's safe to click on a .doc file, and how do you open it without clicking on it."
      At a commandline prompt: "C:\Program Files\Microsoft Office\Office\Winword.exe" c:\filename1.doc c:\filename2.doc...

      The /m switch prevents Word from running any AutoExec macros.

    6. Flocke Kroes Silver badge

      Re: Curious to know

      antiword thing.doc >thing.txt

    7. Anonymous Coward

      Re: Curious to know

      How do you patch a Windows system so that it's safe to click on a .doc file, and how do you open it without clicking on it.

      As far as I can tell, you best patch it by using something else. This has been a problem for YEARS (it's probably decades by now). It's ridiculous beyond words (sorry) that this is still a problem but it seems Microsoft are determined to make their products the least safe thing you can use in IT.

      It's almost as if someone pays them to keep putting their customers at risk on a global scale.

      I'm glad we're able to avoid them altogether, I know many companies who do not have that luxury :(.

    8. Anonymous Coward

      Re: Curious to know

      Headline Story - Ignorant Linux user fails with bad joke attempt, and worse punctuation.

      How do you patch a Windows system so that it's safe to click on a .doc file, and how do you open it without clicking on it? <--- Question Mark Needed

      Well, you see, Windows, can't open .doc files. So if you leave your windows install in a state where you never install office.... (and outside of corporates, who buys and uses office? Not counting pirate installs)

      1. Pompous Git Silver badge

        Re: Curious to know

        "Well, you see, Windows, can't open .doc files. So if you leave your windows install in a state where you never install office.... (and outside of corporates, who buys and uses office?"
        You're obviously not a Windows user then. Or perhaps you never thought to try double-clicking a .doc or .docx file. By default, Windows installs include an application called Wordpad that can open and save as these files. There are limitations of course, or there would be no incentive to purchase Word.

        I'm not a corporate, I'm an old age pensioner and I use Office 2010 on a daily basis. I purchased it. I also purchased Office 2013, but it's shit so I sold it on fleabay. I've never managed to install a pirate, though I have in the past used Avast! antivirus.

        1. Ken Moorhouse Silver badge

          Re: WordPad

          I left that out of my list for the reason given:-

          "There are limitations of course, or there would be no incentive to purchase Word."

          OpenOffice and LibreOffice are designed to be able to act as a direct Word replacement in most circumstances.

          WordPad is proprietary, from the same stable as Word, so there is no ability to see if any of the "stubbed hooks" in there are inadvertently active in certain situations. Situations that could cause malevolent code to run sufficiently to achieve its objectives.

          Running a Windows Update may also affect supporting utilities such as WordPad, whereas there would be no effect on OpenOffice or LibreOffice. Yes, libraries that these two depend on may cause them to break, but prodding such updated libraries with test software will reveal what has changed to cause the problem.

          1. Pompous Git Silver badge

            Re: WordPad

            "OpenOffice and LibreOffice are designed to be able to act as a direct Word replacement in most circumstances."
            With the emphasis on most. For 18 months I used Linux Mint as my main OS and Libre Office for writing. It's a great tool for that, much better than the version of Word that came with Office 2013. But...

            Mrs Git had a formatting problem with a two page document she wanted to circulate. Opening it in Libre Office it was a six page document with lots of blank space. I fired up Word and fixed the problem for Mrs Git. The solution for circulating "complex" documents is usually Adobe Reader and that's a security nightmare too.

            1. DaLo

              Re: WordPad

              "The solution for circulating "complex" documents is usually Adobe Reader and that's a security nightmare too."

              Shome mishtake, shurely? They might be circulated using PDF, the tool used to read the PDF is up to the end user but definitely does not have to be Adobe Reader and many safer alternatives can readily be found.

              1. Pompous Git Silver badge

                Re: WordPad

                "Shome mishtake, shurely? They might be circulated using PDF, the tool used to read the PDF is up to the end user but definitely does not have to be Adobe Reader and many safer alternatives can readily be found."
                I should have expressed myself better; my bad. It's really a can of worms. Adobe Acrobat has any number of proprietary extensions that rival readers do not implement. If you are using them and have the expectation that end-users are going to use them, then full compatibility mandates Adobe's software. I wouldn't want to hand off a document created by a clone where the cost of the press run was several thousand dollars for example. Sure, we run a press proof, but it's amazing what can be missed in proofing.

                I can remember working in an organisation where rather more people had a use for creating PDFs than they were licensed for. I recommended a cheaper rival (PDF Docs IIRC) that also included its own proprietary stuff that would have been particularly useful for the manager. IT ended up purchasing an extra Adobe licence for him.

                As for choice of reader, you are correct. But what if the reader does what Libre Office and TextMaker did to my wife's Word document? Adobe had an excellent idea: portable Postscript files that could be read anywhere. Just a pity about the implementation...

                1. DaLo

                  Re: WordPad

                  But who would create print ready proofs in Acrobat? Surely you would use your DTP or graphics software (InDesign etc) and choose your export format based upon your printer's requirements. If that was PDF then your software would create a pdf from that. You would send it as a PDF and they would use whatever tool they wanted to import the PDF and set it up for printing. You wouldn't know what tool they were going to use to open the PDF for printing.

                  More often than not they would ask for the original binary file, such as an indesign file and set printing up directly from that.

                  Generally, other than font issues a PDF is a PDF and will display the same. It is an open ISO standard and the extensions are just that, extensions. They won't affect layout, they are used mainly for forms, annotations and for 'insecure stuff', javascript/attachments etc. (Acrobat is often used for creating PDF forms)

                  If it is stored as PDF/A then there are unlikely to be any incompatibilities.

                  1. Pompous Git Silver badge

                    Re: WordPad

                    "But who would create print ready proofs in Acrobat? Surely you would use your DTP or graphics software (InDesign etc) and choose your export format based upon your printer's requirements...."
                    Reputable bureaus will mostly only accept PDF. It used to be PostScript, but as you are no doubt aware, PDF is a version of PS. Adobe InDesign of course creates fully compliant PDFs.

                    Microsoft Publisher on the other hand doesn't. Images for display are RGB corresponding to the three colours of the dots on your display. Images for printing are CMYK for the four-colour printing process. Adobe's PDF converter, automagically converts RGB images to CMYK* when you choose a PDF print option. Microsoft's PDF conversion in Publisher doesn't; the images remain RGB and printing RGB is shit. The three colours mixed together make a muddy brown, rather than black.

                    "More often than not they would ask for the original binary file, such as an indesign file and set printing up directly from that."
                    If they do ask for the binary, ask yourself why they would. The binary is very easy to edit. PDFs have to be explicitly opened in an appropriate editor to do so. It is not necessary to have edit capabilities in order to print.*

                    Professionals will have already done the conversion and placed the images as CMYK.

                    1. DaLo

                      Re: WordPad

                      You seem to be confusing a number of topics. CMYK splitting isn't a feature of PDFs - they can hold any number of image and colour formats. Neither is more compatible or less compatible. RGB works better for screen, CMYK can work better with some printing (but not necessarily). As most images will start their life as RGB then who does the conversion to CMYK can have pros and cons. Almost everything will 'automagically' eventually convert to CMYK. Whether you leave it up to your printer, your print driver or do it in pre-process is up to you. A decent print shop will be using the colour space and profiles of the actual proofer and final print machine so it may be beneficial to leave the splitting to an experienced print shop who will be able to match your RGB colour space to CMYK far better than you can using standard sRGB color profiles.

                      The fact that you state that InDesign creates 'fully compliant' PDFs shows that you don't need to use Acrobat or Adobe Reader as you stated.

                      A PDF is also very easy to edit; you can load it into something like InDesign or Inkscape and edit away.

                      If you believe that your print shop will use your original files as they want to commit nefarious acts with your files and edit them to insert messages in them then you should find a better print shop. Most people who do printing will have a long and good relationship with their print shop and will not have such paranoia. Also if you do have a trusted print shop who have the original files they can often fix composition errors, bleeds trims and print marks and cater for issues with paperweights or types that even some of the best graphic designers get confused about.

                      However the fact still remains that you can get exact PDF reproduction for passing documents around using any number of PDF readers, none of which are relevant to print shop work. They don't need to touch Adobe software, let alone Acrobat or Adobe Reader, for creation or viewing and the result can be exactly the same if not better. Once you have created a PDF you also have no say in what is used to view it.

                      1. Pompous Git Silver badge

                        Re: WordPad

                        "You seem to be confusing a number of topics. CMYK splitting isn't a feature of PDFs - they can hold any number of image and colour formats."
                        Then please explain why when MS were asked about the lack of CMYK support in the PDFs created in Publisher their response was that the bureaus needed to get up-to-date and leave their prejudices behind, or some such. I'm paraphrasing.

                        "Almost everything will 'automagically' eventually convert to CMYK. Whether you leave it up to your printer, your print driver or do it in pre-process is up to you."
                        When I was still learning the digital side of this stuff, I accidentally forgot to convert an RGB image to CMYK. I received 4 pieces of film, but only two of them were really usable as three were identical.

                        "The fact that you state that InDesign creates 'fully compliant' PDFs shows that you don't need to use Acrobat or Adobe Reader as you stated."
                        InDesign is an Adobe product. Consequently its Adobe PDF creator is compliant. It would be a surprise if it wasn't.

                        " if you do have a trusted print shop who have the original files they can often fix composition errors, bleeds trims and print marks"
                        I have been called on in the past to do such stuff on native files. I'm a political animal and when the document under consideration was that of a political organisation I did not approve of, I was sorely tempted. Happily I resisted. You must be singularly trusting to believe that everyone is to be similarly trusted.

                2. Paul Crawford Silver badge
                  Facepalm

                  Re: WordPad

                  Both recent (say 2010 onwards?) versions of Word and LibreOffice can save in PDF format quite well and that is probably the best way to circulate a document for others to read/print.

                  But none of the word processors are really format-compatible, and while the difference between Word and LibreOffice is obvious and annoying, you also get problems going between the Windows version and Mac version of Word (for example, with equations, etc).

                  A pox on them all!

                  1. Pompous Git Silver badge

                    Re: WordPad

                    "Both recent (say 2010 onwards?) versions of Word and LibreOffice can save in PDF format quite well and that is probably the best way to circulate a document for others to read/print."
                    But "quite well" may not always be good enough. See my previous comment.

                    "But none of the word processors are really format-compatible, and while the difference between Word and LibreOffice is obvious and annoying, you also get problems going between the Windows version and Mac version of Word (for example, with equations, etc).

                    A pox on them all!"

                    Amen! And just in case, Awomen, too!

    9. TheElder

      Re: Curious to know

      How do you patch a Windows system so that it's safe to click on a .doc file, and how do you open it without clicking on it.

      Don't use Windows code to open it. I haven't used Word for many years. Instead I use a German system by the name of SoftMaker. It is one of the few pieces that I am willing to pay full price for. Better is that it is often on sale for much less than Windows anything. It is clean, very efficient and fully compatible with everything.

      No, I do not work for them in any way. They are great to deal with though. Not many places I can say that.

      1. Pompous Git Silver badge

        Re: Curious to know

        "It is clean, very efficient and fully compatible with everything."
        Not quite. TextMaker turned Mrs Git's 2 page doc into a 4 page doc. A slight improvement on Libre Office turning it into a 6 page doc. The problem is the snaking columns after the page break on the first page are shortened and spread over two pages. There doesn't appear to be any way to quickly* change this. Even if there was, there'd then be the need to test whether the TextMaker doc is correctly formatted when subsequently opened in Word.†

        I do not for one instant mean this comment to suggest that TextMaker is particularly deficient. Compatibility between word processors has always been a problem. It does however lack the Australian English Dictionary and doesn't support automatic adding of misspellings to AutoCorrect. Libre Office is better in this regard.

        * Doesn't mean there isn't one; just that I can't be arsed. See next footnote.

        † This is the kind of document I create with InDesign, or CorelDRAW! and export as PDF. Much quicker than faffing with a word processor when you would rather play at being Alexander conquering Gandhi and Pedro II.

  2. Primus Secundus Tertius

    Opening document files

    A .docx file should be less risky, as it does not contain macros; .docm is for modern macro-infested files.

    Microsoft do not make it easy to construct "live CDs". But there is Hiren's boot CD, which includes a word processor that will read .doc files. Alternatively, there is the penguin and friends. All these can also run from USB memory sticks.

    1. TheVogon

      Re: Opening document files

      "A .docx file should be less risky, as it does not contain macros"

      Yes it can.

      1. Anonymous Coward

        Re: Opening document files

        "Yes it can."

        How?

        1. TheVogon

          Re: Opening document files

          "How?"

          By creating a Macro? Docx has no restrictions on content types.

          1. Anonymous Coward

            Re: Opening document files

            "Docx has no restrictions on content types."

            Yes it does. DOCX cannot contain macros, DOCM can contain macros.

            You also can't save it as a DOCM and then rename to a DOCX manually as it will no longer open due to a mismatched MIME type.

            You could save it as a DOCM then rename to something else like RTF which may work, however I don't see how you can put a Macro into a DOCX unless there is a security advisory that has shown a workaround.

            1. This post has been deleted by its author

            2. TheVogon

              Re: Opening document files

              "Yes it does. DOCX cannot contain macros, DOCM can contain macros."

              My bad - you are correct - it was saving macros to the normal template when I tested...
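
The DOCX/DOCM distinction argued over in this sub-thread can be checked from the package contents rather than the file name. The following is an added example, not code from any commenter: it reads the declared content types and looks for a VBA part, and flags a file whose extension does not match. The function names, verdict strings and sample packages are assumptions made for illustration; the sample packages are constructed in memory and contain no real macro.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

CT_NS = "{http://schemas.openxmlformats.org/package/2006/content-types}"
DOCX_MAIN = ("application/vnd.openxmlformats-officedocument."
             "wordprocessingml.document.main+xml")
DOCM_MAIN = "application/vnd.ms-word.document.macroEnabled.main+xml"
VBA_TYPE = "application/vnd.ms-office.vbaProject"
MAX_CT_BYTES = 1_000_000  # refuse an oversized [Content_Types].xml


def inspect_ooxml(data, filename):
    """Classify a Word file by what the package declares, not by its name.

    Verdicts (hypothetical labels): 'not-ooxml', 'no-macro-parts',
    'macro-enabled' (labelled .docm) and 'mismatch' (macro markers
    behind any other extension).
    """
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    result = {"extension": ext, "macro_main_type": False,
              "vba_parts": [], "verdict": "not-ooxml"}
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as pkg:
            names = pkg.namelist()
            info = pkg.getinfo("[Content_Types].xml")
            if info.file_size > MAX_CT_BYTES:
                raise ValueError("content-types part too large")
            # Stdlib parser keeps the example self-contained; use a
            # hardened XML parser for untrusted input in production.
            root = ET.fromstring(pkg.read(info))
    except (zipfile.BadZipFile, KeyError):
        # Legacy binary .doc or any non-package file lands here.
        return result

    declared = [el.get("ContentType") for el in root
                if el.tag in (CT_NS + "Override", CT_NS + "Default")]
    result["macro_main_type"] = DOCM_MAIN in declared
    result["vba_parts"] = sorted(
        n for n in names if n.lower().endswith("vbaproject.bin"))
    has_markers = (result["macro_main_type"] or result["vba_parts"]
                   or VBA_TYPE in declared)

    if not has_markers:
        result["verdict"] = "no-macro-parts"
    elif ext == ".docm":
        result["verdict"] = "macro-enabled"
    else:
        result["verdict"] = "mismatch"
    return result


def build_package(main_type, with_vba):
    """Constructed sample: a minimal package, not a document Word would open."""
    defaults = '<Default Extension="xml" ContentType="application/xml"/>'
    if with_vba:
        defaults += '<Default Extension="bin" ContentType="%s"/>' % VBA_TYPE
    content_types = (
        '<?xml version="1.0" encoding="UTF-8"?>'
        '<Types xmlns="http://schemas.openxmlformats.org/package/2006/'
        'content-types">' + defaults +
        '<Override PartName="/word/document.xml" ContentType="%s"/>'
        '</Types>' % main_type)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", content_types)
        z.writestr("word/document.xml", "<document/>")
        if with_vba:
            # Placeholder bytes only; not a real VBA project.
            z.writestr("word/vbaProject.bin", b"PLACEHOLDER")
    return buf.getvalue()


if __name__ == "__main__":
    samples = [("plain.docx", build_package(DOCX_MAIN, False)),
               ("macros.docm", build_package(DOCM_MAIN, True)),
               ("renamed.docx", build_package(DOCM_MAIN, True))]
    for name, blob in samples:
        print(name, inspect_ooxml(blob, name)["verdict"])
```

A "no-macro-parts" verdict only says the package carries no VBA project; it says nothing about other content in the document.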

  3. BebopWeBop
    Angel

    NSA - the gift that keeps on giving....

    1. Rich 11

      Someone else's tax dollars at work...

  4. Spotswood

    'People of interest' should run their bloody updates. How hard is it?

    1. Primus Secundus Tertius

      But it is so difficult to find reliable staff these days!

      You don't expect a VIP to do these things, do you?

    2. Anonymous Coward

      'People of interest' should run their bloody updates. How hard is it?

      Very, because of the low MTTNB (Mean Time To Next Bug). Patching only means you patch what is known now, but either Microsoft introduces new problems every time they patch or the whole artifice is so leaky it should have never left development in the first place - take your pick.

      It's beyond scandalous that we still have these problems decades later, and no, I don't buy the whole "it's just the nature of modern software" and "we're the most popular so we get hacked more" excuses as both have been amply disproved.

      Microsoft, enough with the weak excuses, FIX THIS.

  5. Destroy All Monsters Silver badge
    Windows

    This is getting really tiresome

    How many super-duper hackers are there even in Russia?

    Is that poor country ("Economy the size of Italy") even big enough to hold this hack infrastructure (hackfrastructure)? Are they exploiting mutated children concentration camps on the moon to collect and sift through all that data? Are they BEAMING IT TO THE GALACTIC CORE? Inquiring minds want to know!

    Still, finally an occasion to post this satirical article of excellence: The de-Putin-Nazification of America

    1. Anonymous Coward

      Re: This is getting really tiresome

      North Korea has one of the best offensive cyberwarfare groups in the world, and has for a couple decades, and they are orders of magnitude poorer than Russia.

      It all depends on where you want to invest your money. The USSR tried to keep up with the US in weapons technology but ran out of money. Putin learned that lesson, and learned the lesson of asymmetric warfare in Afghanistan (that the US should have learned from). Hackers who hit the power grids, water purification and so forth could do more short term damage to the US than a barrage of nukes, and would not provoke a barrage of nukes in response (well you never know what president cheeto might want to do, fortunately the military would almost certainly refuse such an order from him since it is finally becoming clear just how mentally unstable he is trying to outcrazy Kim Jong Un)

      1. Captain DaFt

        Re: This is getting really tiresome

        Putin learned that lesson, and learned the lesson of asymmetric warfare in Afghanistan (that the US should have learned from)

        The US Government learned that lesson in Vietnam, vowed, "Never again!", and then promptly forgot.

        Maybe if the House and Senate members' median age wasn't over seventy, they'd remember things.

        1. tom dial Silver badge

          Re: This is getting really tiresome

          The lieutenants, captains, and majors learned, and some of the contemporary politicians. By 2001, some of the lieutenants, captains, and majors were senior military staff and a few were politicians. There is not a lot of evidence that as a group they were very enthusiastic about going to war. Most politicians of the mid 1970s had retired or been replaced, all too often by others whose main contact with any war was through the draft deferment letters to their local boards and whose main concerns were tightly bound to domestic issues and their reelection. In the moral panic following the September 11, 2001 terrorist attack, launching a new war with votes from the clueless was too easy, and consideration of long term strategy effectively lacking. This was aggravated by the lesson of the 1990-1991 Iraq war, in which some of the lessons of Vietnam were employed with considerable short term success.

          "The US Government" does not learn lessons. Only individuals do that, and despite the high rate of incumbent reelection, the turnover is high enough that lessons learned by a particular group at a particular time decline pretty much to the vanishing point in around a generation.

          As an aside: the median age in the Senate is 64, and in the House of Representatives it is 59. Both are under 70, although rather larger than the US population median age, which is about 38.

      2. Anonymous Coward

        Re: This is getting really tiresome

        "North Korea has one of the best offensive cyberwarfare groups in the world"

        Citation needed.

        Your assertion is possible but this is a country that is parked off an internet backwater where virtually no one has access to their weird country wide intranet let alone the internet itself. That is not an environment that is conducive to home grown expertise. They will have some really bright people who are pushed in the direction required but that is not how "best in the world" is done. Their really bright folk live in an intellectual vacuum.

        I'm pretty sure that their crackers will be off the scale bright but they will not have access to the rest of the world's intelligentsia except via subterfuge - which may not work too well. Hence they will have to re-invent many, many wheels.

        Then again our NHS was brought low though a lack of a decent patching regime.

        1. Anonymous Coward

          @gerdesj - "citation needed"

          Since I guess you need help using Google, here's one story. Since you already seem to be making the case that North Korea is incapable of being a big player in cyberware, you'll probably view the World Economic Forum as an invalid source (I chose one that wasn't the US government or media) but if you want to go down that rathole you can do your searching for a citation from an organization that meets your approval.

          https://www.weforum.org/agenda/2016/05/who-are-the-cyberwar-superpowers/

    2. Lars Silver badge
      Joke

      Re: This is getting really tiresome

      So many difficult questions, how come the world's richest and best educated country chooses an idiot to become the president.

      1. Flocke Kroes Silver badge

        Re: Richest, best educated

        Qatar or Canada?

      2. amanfromMars 1 Silver badge

        Re: This is getting really tiresome @Lars

        So many difficult questions, how come the world's richest and best educated country chooses an idiot to become the president. ... Lars

        :-) Howdy, Lars,

        Winston Churchill surely answered that questioning statement with this observation ....."The best argument against democracy is a five minute conversation with an average voter." And sadly, that is no joke.

        1. Ucalegon

          Re: This is getting really tiresome @Lars

          Good point. Now, can we stop having referendums please?

      3. fajensen

        Re: This is getting really tiresome

        So many difficult questions, how come the world's richest and best educated country chooses an idiot to become the president.

        Facing the stark choice between a malignant warmonger and a rambling idiot, the people's choice was the less effective evil.

    3. Anonymous Coward

      Re: This is getting really tiresome

      People learn tech skills, sciences, then have no job and still want to eat.....

  6. Anonymous Coward

    Let's forbid the use of VPNs!

    Next, we'll outlaw antivirus (etc.) software, and software patches...

    /s

    I suppose China, Russia, India, etc. don't have unsecure access points...

    As for the idiot comment, that somehow relates hacking ability to GDP... congratulations! you are qualified to become a politician.

    1. Sanctimonious Prick
      Alert

      Oh, and SOHO firewalls.

  7. amanfromMars 1 Silver badge

    Leaving options open is for copping out?!

    Smith and Read say they have “moderate confidence” that this is all the handiwork of APT28,

    So, one of those snowballs in hell realities, with residents a little bit pregnant and ScareWare at its most modest. When will everybody grow up and stop spinning crazy yarns and giving credence to manic tales of madness and mayhem? Any time soon do you think?

    And ain't those Russkies novel.

  8. TheElder

    How many super-duper hackers are there even in Russia?

    Very good question. One of my favourite things to do is to play with the English language. I speak quite a few languages but English is the easiest to play with.

    I was thinking about a fridge with a built in freezer. Why don't we call it a Freeger?

    So I looked up "freeger" and this is what I found.

    Freeger, Moscow (Russia) - Creative Criminals

    creativecriminals.com/freeger/russia

    FxPro, the brand name of FxPro Financial Services Limited, is an online retail trading broker in Contracts for Difference on ... FxPro : Benjamin Franklin. 7

  9. Anonymous Coward

    Stop picking on Trump's boss !!

    See title

  10. John Smith 19 Gold badge
    Coat

    So not just hitting the hotels. Water hole attack on visitors.

    And US taxpayers wonder what they get out of all the money spent on the NSA?

    I'd say "infected."

  11. Gordon Pryra

    Is it worth a freedom of information request

    To discover the ratio of successful hacks resulting from tools created/documented by our law enforcement agencies?

    Maybe compare that list with the amount of attacks BLAMED on N Korea/Russia/"Anyone else not us" against government organisations who had not patched servers/workstations

    For additional mathematical fun, maybe the % of organisations hit by tools created by our "defenders" with servers/workstations NOT patched but where budget had been provided to patch them in the past.

    Final question would be how many servers/workstations that have had MULTIPLE budgets to pay for patching have been hit by viruses written by our own governments because they were not patched.....

  12. This post has been deleted by its author

    1. Potemkine! Silver badge

      Re: NOT Russians, it was an Elephant that did it!

      Hi Vladimir, thanks for your input! How is the weather in Russia?

    2. John Gamble
      Alien

      Re: NOT Russians, it was an Elephant that did it!

      Formerly respected journalist Seymour Hersch.

      Back in my USENET days, a phrase often used for writers that latched onto crank theories was "the Brain Eater got him" (it was usually a him, I can think of only one woman writer who went down the crazy path).

      It was usually used for formerly good writers of fiction who for some reason wanted to prove some philosophy in their fiction, but it wasn't impossible for non-fiction writers to be attacked by the Brain Eater, and Hersch got bit hard.
