Amidst MGM, Caesar's Incidents, Attackers Focus on Luxury Hotels

A fast-growing cyber campaign solely takes aim at luxury hotel and resort chains, using security-disruptive tactics to spread info-stealing malware. Even as the effects of the show-stopping cyberattacks on MGM Grand and Caesars are still being felt, attackers continue to target the hospitality industry with an active phishing campaign aimed at spreading info-stealing malware. The offensive uses social-engineering tactics similar to the ones that ultimately crippled the resort-casinos this month.

The campaign, discovered by researchers at Cofense Intelligence, leverages reconnaissance emails and instant messages to bait employees at luxury resorts and hotel chains into a response, according to a Cofense blog post published Sept. 26. Once the threat actors receive a response to the initial email, they will then follow up with phishing messages that leverage several methods known to disrupt email security analysis and secure email gateways (SEGs), so that the messages reach intended targets. These tactics include the use of trusted cloud domains in the emails, password-protected archives, and executable files that are so large they can disrupt analysis, according to the report.

"From the reconnaissance email all the way to the malicious payload, this campaign and its infection chain are both highly sophisticated and well-thought-out by the threat actors," Cofense cyber threat intelligence analyst Dylan Duncan wrote in the post.

This attention to detail is reflective in "the success of these emails reaching intended targets," with a notable uptick in the campaign through August and into September "at an alarming rate," he added. Indeed, 85% of the phishing emails observed in the campaign have been sent in the last 60 days, with September showing a higher incidence of messages than August, according to Cofense.

2023-09-28

By materials of Dark Reading, https://darkreading.com/cloud/mgm-caesars-incidents-attackers-luxury-hotels

Фотографии: Source: Anna Berkut via Alamy Stock Photo, https://darkreading.com/cloud/mgm-caesars-incidents-attackers-luxury-hotels

Similar articles

2023-09-26

Data Security: Why It Matters For Independent Hotel Owners

Data security is an imperative concern that extends beyond sectors and industries, engraving its importance in the hotel industry as well. Independent hotel owners, often engrossed in operations, customer satisfaction, and revenue generation, sometimes overlook this crucial aspect. But in a time when a single data breach can tarnish reputations and incur monumental losses, understanding data security’s significance is non-negotiable.

2023-09-25

Expedia Group gives users the opportunity to test new technology

Expedia Group is opening a new space, EG Labs, where users can test new technology. The digital space is designed for "those excited about the next frontier of travel and tech," Expedia said. It is open to users in the U.S.

We use cookies 🍪 on all our sites, because without them some functions would not work.
Have a look how to enable cookies use for your browser in Yandex help.

Amidst MGM, Caesar's Incidents, Attackers Focus on Luxury Hotels

Similar articles

Data Security: Why It Matters For Independent Hotel Owners

Expedia Group gives users the opportunity to test new technology

Search on site

Sections

Tags