Cybersecurity News in Asia

Features
- Featured
  
  AI adoption in India: A balancing act worth chatting about
  
  Thursday, April 25, 2024, 2:53 PM Asia/Singapore | Features, Newsletter
- Featured
  
  AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
  
  Monday, April 22, 2024, 4:40 PM Asia/Singapore | Case Study, Features
- Featured
  
  What businesses need to know about SEO poisoning
  
  Tuesday, April 16, 2024, 4:55 PM Asia/Singapore | Features
News
- Featured
  
  How medical devices manufacturer Tuttnauer protects patient and personal-data safety
  
  Tuesday, April 23, 2024, 5:22 PM Asia/Singapore | Case Study, News
- Featured
  
  How much of automated internet traffic contains malicious activity?
  
  Monday, April 22, 2024, 9:02 AM Asia/Singapore | Cyberthreat Landscape, News, Newsletter
- Featured
  
  Large language models have their strengths and weaknesses: analysis
  
  Monday, April 22, 2024, 8:56 AM Asia/Singapore | News
Opinions
Tips
Whitepapers
Awards 2024
Directory
E-Learning

News

DarkHotel APT targets Macao luxury hotel management and high-profile guests

By CybersecAsia editors and webmaster webmaster | Monday, March 21, 2022, 3:46 PM Asia/Singapore

During times of global instability, state-sponsored actors tend to ramp up advanced persistent threats for espionage and intelligence agendas.

Since late November 2021, luxury hotels in Macao, China have been targeted by an advanced persistent threat.

Seventeen different hotels in the Macao area had been receiving spear phishing emails directed to management staff. The email contained an Excel sheet attachment and served to trick recipients to enable macros. Once the macros were executed, they created a scheduled task to perform recognition, data listing and data exfiltration.

Then, to enable communication with the command-and-control (C2) server used to exfiltrate victim data, the macros used a known technique—living off the land binaries and scripts—to perform PowerShell command lines as trusted script.

In December 2021, a research team from Zscaler had disclosed information about this advanced persistent threat (APT), attributing it to South Korean-based group DarkHotel. The paper revealed the actual IP address related to the C2 infrastructure used for data exfiltration when victimized machines had been initially compromised.

The threat group is known for using spyware and malware to attack visitors using a hotel’s in-house Wi-Fi network. High-profile executives in financial services, government, development and defense industries are often the target of DarkHotel actors.

This kind of targeted APT espionage activity is occurring on a global scale in the hospitality industry, involving high-value hotel staff or guests before or during important events, according to one cybersecurity firm’s spokesperson. Said John Fokker, Head of Cyber Investigations, Trellix: “There can be an uptick in advanced persistent threats especially during times of turmoil and instability. DarkHotel and similar groups have a lot to gain by targeting high-level individuals as a means of easy access to troves of data and information. They have been diligent in their attacks for the better half of the past decade exploiting victims across industries, sectors and geographies.”

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Secure Access Service Edge (SASE) Solutions for Today’s Work-From-Anywhere (WFA) Environment
Organizations are turning to Secure Access Service Edge (SASE) solutions for securing remote work environments, …Download Whitepaper
Identity Has Breached the Ecosystem
This whitepaper explores the dual nature of identity in cybersecurity, emphasizing its role in both …Download Whitepaper
Fortanix Buyers Guide for Modern Key Management and Data Security
This document underscores the pressing challenges in key management and data securityDownload Whitepaper
Fortanix Data Risk Management – Using Tokenization to Secure Your Data
In today's digital world, organizations prioritize data security. To protect sensitive information, they use tokenization, …Download Whitepaper

Middle-sidebar-banner

Case Studies

How medical devices manufacturer Tuttnauer protects patient and personal-data safety
In running a cloud-based portal to link its smart medical equipment, the firm has also …Read more
AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
To test the safety/security of a generative AI feature, what unchartered bugs and human testing …Read more
Real estate logistics provider GLP steps up to zero trust architecture
With its physical and digital footprint growing, the global firm’s outdated legacy security stack has …Read more
Identity security woes now a thing of the past for Heng Leong Hang
The retail chain was grappling with numerous cyber risks in its IT infrastructure until it …Read more

Cybersecurity News in Asia

Featured

AI adoption in India: A balancing act worth chatting about

Featured

AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming

Featured

What businesses need to know about SEO poisoning

Featured

How medical devices manufacturer Tuttnauer protects patient and personal-data safety

Featured

How much of automated internet traffic contains malicious activity?

Featured

Large language models have their strengths and weaknesses: analysis

DarkHotel APT targets Macao luxury hotel management and high-profile guests

Related Posts

Leave a reply Cancel reply

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Middle-sidebar-banner

Case Studies

Bottom sidebar