Security News > 2022 > March > DarkHotel hacking campaign targets luxury Macao resorts
The South Korean DarkHotel hacking group has been spotted in a new campaign spanning December 2021 through January 2022, targeting luxury hotels in Macao, China.
DarkHotel is a sophisticated hacking group targeting the hospitality industry to conduct high-level espionage or data monetization via dark web sales.
The region is of particular interest to DarkHotel, which targets hotel systems to intercept guest browsing data via the WiFi network.
The latest observation of DarkHotel activity comes from threat analysts at Trellix, who has tracked the C2 IP address exposed in a December 2021 report by Zscaler to trace the actor's activity.
Two of the hotel chains confirmed as targeted in this campaign are the Grand Coloane Resort and the Wynn Palace, both 5-star hotels.
These hotels were planning to host international conferences on trade, investment, and the environment, so DarkHotel's campaign was likely aiming to lay the foundation for future espionage.