"The core playbook remains familiar: phishing emails, disguised as booking requests or job applications, land in the inboxes of hotel staff. Once opened, they deliver a remote access trojan known as VenomRAT, giving attackers control of the infected machine and a path to guests' card data and other personal details. While the social engineering may be old-school, the malware's AI-crafted underpinnings represent a troubling leap in sophistication, Kaspersky says."
"The group's use of AI-generated code marks a shift from RevengeHotels' previous campaigns, which relied on cookie-cutter malware and crude phishing. By leaning on auto-generated code, the crew can churn out fresh-looking variants that slip past older security tools, yet are simple enough to include a bog-standard phishing email. For hotel IT staff, that means the tricks look familiar, but the malware buried inside is far harder to spot and shut down."
Between June and August, researchers found RevengeHotels deploying malware containing AI-generated code, increasing stealth and effectiveness. The group uses familiar phishing tactics disguised as booking requests or job applications to deliver VenomRAT, a remote access trojan that grants attackers control over infected machines and access to guests' card and personal data. AI-generated variants allow rapid production of fresh-looking malware that can bypass older security tools while retaining simple phishing lures. Brazil has been the primary target so far, with incidents elsewhere. Recommended defenses include staff training against phishing, updated security tools, and vigilant monitoring of hotel IT systems.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]