Sunday, April 18, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Hotel front desks are now a hotbed for hackers

November 29, 2019
in Internet Security
Hotel front desks are now a hotbed for hackers
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Alexa is coming to your hotel room
Forgot your toothbrush? Just use Alexa for Hospitality.

It seems that any possible way cybercriminals can exploit the hospitality industry, they will. 

You might also like

Security crucial as 5G connects more industries, devices

Google releases Chrome 90 with HTTPS by default and security fixes

SolarWinds: US and UK blame Russian intelligence service hackers for major cyberattack

Hotels, restaurant chains, and related tourism services have been subject to a range of techniques when it comes to cybercrime; the compromise of Point-of-Sale (PoS) terminals to harvest guest data, phishing emails sent to staff which are designed to give attackers access to internal systems, and Man-in-The-Middle (MiTM) attacks through hotel public W-Fi hotspots being only some of the potential attack vectors. 

The data that the hospitality industry accepts, processes, and holds is valuable. Guest Personally Identifiable Information (PII) and financial information can be used in spear-phishing schemes, sold on in bulk, or potentially used to create clone cards when strong encryption is not in place to protect payment data. 

To add to a growing list of threat actors that specialize in attacks against hotels and hospitality organizations, such as DarkHotel, on Thursday, Kaspersky published research on a targeted campaign called RevengeHotels. 

First spotted in 2015 but appearing to be most active this year, RevengeHotels has struck at least 20 hotels in quick succession. The threat actors focus on hotels, hostels, and hospitality & tourism companies.

While the majority of the RevengeHotels campaign takes place in Brazil, infections have also been detected in Argentina, Bolivia, Chile, Costa Rica, France, Italy, Mexico, Portugal, Spain, Thailand, and Turkey.

The threat group deploys a range of custom Trojans in order to steal guest credit card data from infected hotel systems as well as financial information sent from third-party booking websites such as Booking.com. 

The attack chain begins with a phishing email sent to a hospitality organization. Professionally-written and making use of domain typo-squatting to appear legitimate, the researchers say the messages are detailed and generally impersonate real companies.  

These messages contain malicious Word, Excel or PDF documents, some of which will exploit CVE-2017-0199, a Microsoft Office RCE vulnerability patched in 2017. 

See also: Unsecured database exposes 85GB in security logs of major hotel chains

If a system is vulnerable, VBS or PowerShell scripts are used to exploit the bug, leading to the deployment of RevengeRAT, NjRAT, NanoCoreRAT, 888 RAT, ProCC, and other custom malware. 

The Trojans are able to burrow into infected computers, creating tunnels back to the operator’s command-and-control (C2) server and maintaining persistence. An additional module, dubbed ScreenBooking and written by the group, is used to capture payment card information. 

“In the initial versions, back in 2016, the downloaded files from RevengeHotels campaigns were divided into two modules: a backdoor and a module to capture screenshots,” the researchers say. “Recently we noticed that these modules had been merged into a single backdoor module able to collect data from clipboard and capture screenshots.”

CNET: The best VPN sales and deals right now

While RevengeHotels is the main perpetrator of these campaigns, Kaspersky also spotted another group, ProCC, that is targeting the same sector. ProCC uses a more sophisticated backdoor that is also able to capture information from PC clipboards and printer spoolers. 

Discussions of the groups taking place in underground forums reveal that front desk machines, and not just online services or PoS systems, are also being targeted through the campaign. 

TechRepublic: The top cybersecurity mistakes companies are making (and how to avoid them)

In these scenarios, hotel management systems are compromised to capture credentials and payment card data. Some cybercriminals are also flogging remote access to front desks to generate additional income as a service. 

‘If you want to be a savvy and safe traveler, it’s highly recommended to use a virtual payment card for reservations made via OTAs, as these cards normally expire after one charge,” Kaspersky says. “While paying for your reservation or checking out at a hotel, it’s a good idea to use a virtual wallet such as Apple Pay, [or] Google Pay. If this is not possible, use a secondary or less important credit card, as you never know if the system at the hotel is clean, even if the rooms are.”

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0


Credit: Zdnet

Previous Post

TV Host Refusing Free 100 Bitcoin Because It’s Worthless Is Hypocritical

Next Post

Herring, Not Herring: Deep Learning Accelerates Detection and Classification of Underwater Species

Related Posts

Security crucial as 5G connects more industries, devices
Internet Security

Security crucial as 5G connects more industries, devices

April 17, 2021
Google releases Chrome 90 with HTTPS by default and security fixes
Internet Security

Google releases Chrome 90 with HTTPS by default and security fixes

April 17, 2021
SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021
Internet Security

SolarWinds: US and UK blame Russian intelligence service hackers for major cyberattack

April 17, 2021
Google Project Zero testing 30-day grace period on bug details to boost user patching
Internet Security

Google Project Zero testing 30-day grace period on bug details to boost user patching

April 17, 2021
Cyberattack on UK university knocks out online learning, Teams and Zoom
Internet Security

Cyberattack on UK university knocks out online learning, Teams and Zoom

April 17, 2021
Next Post
Herring, Not Herring: Deep Learning Accelerates Detection and Classification of Underwater Species

Herring, Not Herring: Deep Learning Accelerates Detection and Classification of Underwater Species

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

What are the different roles within cybersecurity?
Internet Privacy

What are the different roles within cybersecurity?

April 18, 2021
Machine Learning Technology May Help Decipher Biological Language of Cancer, Parkinson Disease
Machine Learning

Machine Learning Technology May Help Decipher Biological Language of Cancer, Parkinson Disease

April 17, 2021
SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence
Internet Privacy

SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence

April 17, 2021
10 Popular Must-Read Free eBooks on Machine Learning
Machine Learning

10 Popular Must-Read Free eBooks on Machine Learning

April 17, 2021
Security crucial as 5G connects more industries, devices
Internet Security

Security crucial as 5G connects more industries, devices

April 17, 2021
Relay Therapeutics pays $85M for startup with a new AI tech for drug discovery
Machine Learning

Relay Therapeutics pays $85M for startup with a new AI tech for drug discovery

April 17, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • What are the different roles within cybersecurity? April 18, 2021
  • Machine Learning Technology May Help Decipher Biological Language of Cancer, Parkinson Disease April 17, 2021
  • SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence April 17, 2021
  • 10 Popular Must-Read Free eBooks on Machine Learning April 17, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates