Security News > 2022 > March > South Korean DarkHotel Hackers Targeted Luxury Hotels in Macau

Luxury hotels in the Chinese special administrative region of Macau were the target of a malicious spear-phishing campaign from the second half of November 2021 and through mid-January 2022.

Believed to be active since 2007, DarkHotel has a history of striking "Senior business executives by uploading malicious code to their computers through infiltrated hotel Wi-Fi networks, as well as through spear-phishing and P2P attacks," Zscaler researchers Sahil Antil and Sudeep Singh said.

The attack chains involved distributing email messages directed to individuals in executive roles in the hotel, such as the vice president of human resources, assistant manager, and front office manager, indicating that the intrusions were aimed at staff who were in possession of access to the hotel's network.

In one phishing lure sent to 17 different hotels on December 7, the email purported to be from the Macau Government Tourism Office and urged the victims to open an Excel file named .

In another case, the emails were faked to gather details about people staying in the hotels.

The campaign is said to have to met its inevitable end on January 18, 2022 coinciding with the rise of COVID-19 cases in Macau, prompting the cancelation or postponement of international trade conferences that were set to take place in the targeted hotels.

News URL

https://thehackernews.com/2022/03/south-korean-darkhotel-hackers-targeted.html