Novel malware campaign sets sights on hotels

Hotels are having their staff targeted by a new attack campaign aimed at exfiltrating hotel management credentials through emails that include Windows malware, The Register reports. Attackers have been sending either complaint emails or future booking assistance requests, which when responded to by hotel staff would prompt another message that includes a link that then redirects to a password-protected archive hosted on cloud storage services, according to a report from Sophos. Such an executable was discovered to be a Redline Stealer or Vidar Stealer malware variant used to steal credentials. Similar tactics have been leveraged in ongoing attacks against customers, which involved the theft of admin management portal credentials. "While this breach was not on, we understand the seriousness for those impacted, which is why our teams work diligently to support our partners in securing their systems as quickly as possible and helping any potentially impacted customers accordingly, including with recovering any lost funds," then said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.