Interior Ministry makes great strides in enhancing national security landscape    MWL Chief meets Pope Francis in Vatican University of Bologna confers on Sheikh Al-Issa Honorary Fellowship in Law    Abdullah Kamel unveils plans to launch halal certificate similar to ISO Value of global halal market exceeds $2 trillion    Emir of Madinah launches first phase of Madinah Gate project worth SR600 million    Saudi Arabia starts Gulf Cup 26 campaign with a disappointing loss to Bahrain    Gulf Cup: Hervé Renard calls for Saudi players to show pride    Oman optimistic about Al-Yahyaei's return for crucial Gulf Cup clash with Qatar    Qatar coach Garcia promises surprises as they seek first Gulf Cup 26 win    Liberal leaders say they have a plan for a new, more effective anti-Trump resistance    Stampedes at Christmas charity events kill 67 people in Nigeria    A man's suicide leads to clamor around India's dowry law    Slovak PM meets Putin in surprise Moscow visit    Environment minister inaugurates Yanbu Grain Handling Terminal    Saudi deputy FM meets Sudan's Sovereign Council chief in Port Sudan    Kuwait, India to elevate bilateral relations to strategic partnership Sheikh Mishal awards Mubarak Al-Kabir Medal to Modi    Marianne Jean-Baptiste on Oscars buzz for playing 'difficult' woman    PDC collaboration with MEDLOG Saudi to introduce new cold storage facilities in King Abdullah Port Investment of SR300 million to enhance logistics capabilities in Saudi Arabia    My kids saw my pain on set, says Angelina Jolie    Legendary Indian tabla player Zakir Hussain dies at 73    Eminem sets Riyadh ablaze with unforgettable debut at MDLBEAST Soundstorm    Order vs. Morality: Lessons from New York's 1977 Blackout    India puts blockbuster Pakistani film on hold    The Vikings and the Islamic world    Filipino pilgrim's incredible evolution from an enemy of Islam to its staunch advocate    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Hotel guests' credit cards susceptible to сybercrimes
Published in The Saudi Gazette on 30 - 11 - 2019

Kaspersky's research of the RevengeHotels campaign aimed at the hospitality sector, has confirmed over 20 hotels in Latin America, Europe and Asia have fallen victim to targeted malware attacks. Even more hotels are potentially affected across the globe. Travelers' credit card data which is stored in a hotel administration system, including those received from online travel agencies (OTAs), is at risk of being stolen and sold to criminals worldwide.
RevengeHotels is a campaign that includes different groups using traditional Remote Access Trojans (RATs) to infect businesses in the hospitality sector. The campaign has been active since 2015 but has gone on to increase its presence in 2019. At least two groups, RevengeHotels and ProCC, were identified to be part of the campaign, however more cybercriminal groups are potentially involved.
The main attack vector in this campaign is emails with crafted malicious Word, Excel or PDF documents attached. Some of them exploit CVE-2017-0199, loading it using VBS and PowerShell scripts and then installing customized versions of various RATs and other custom malware, such as ProCC, on the victim's machine that could later execute commands and set up remote access to the infected systems.
Each spear-phishing email was crafted with special attention to detail and usually impersonating real people from legitimate organizations making a fake booking request for a large group of people. It is worth noting that even careful users could be tricked to open and download attachments from such emails as they include an abundance of details (for instance, copies of legal documents and reasons for booking at the hotel) and looked convincing. The only detail that would reveal the attacker would be a typosquatting domain of the organization.
A phishing email sent to a hotel impersonating a booking request from an attorney's office
Once infected, the computer could be accessed remotely not just by the cybercriminal group itself — evidence collected by Kaspersky researchers shows that remote access to hospitality desks and the data they contain is sold on criminal forums on a subscription basis. Malware collected data from hospitality desk clipboards, printer spoolers and captured screenshots (this function was triggered using specific words in English or Portuguese). Because hotel personnel often copied clients' credit card data from OTA's in order to charge them, that data could also be compromised.
Kaspersky telemetry confirmed targets in Argentina, Bolivia, Brazil, Chile, Costa Rica, France, Italy, Mexico, Portugal, Spain, Thailand and Turkey. However, based on data extracted from Bit.ly, a popular link shortening service used by the attackers to spread malicious links, Kaspersky researchers assume that users from many other countries have at least accessed the malicious link – suggesting that the number of countries with potential victims could be higher.
"As users grow wary of how protected their data truly is, cybercriminals turn to small businesses, which are often not very well protected from cyberattacks and possess a concentration of personal data. Hoteliers and other small businesses dealing with customer data need to be more cautious and apply professional security solutions to avoid data leaks that could potentially not only affect customers, but also damage hotel reputations as well," comments Dmitry Bestuzhev, Head of Global Research and Analysis Team, LatAm.
To stay safe, travelers are recommended to:
• Use a virtual payment card for reservations made via OTAs, as these cards normally expire after a single charge
• When paying for a reservation or checking out at hotel desks, use a virtual wallet, such as Apple Pay or Google Pay, or a secondary credit card with a limited amount of debit available
Hotel owners and management are also advised to follow these steps to secure customer data:
• Conduct risk assessments of the existing network and implement regulations regarding how customers data is handled
• Use a reliable security solution with web protection and application control functionality, such as Kaspersky Endpoint Security for Business. Web protection helps to block access to phishing and malicious websites while application control (in white list mode) allows to make sure that no application except the white listed ones can run on hospitality desk computers.
• Introduce staff security awareness training to teach employees how to spot spear-phishing attempts and show the importance of remaining vigilant when working with incoming emails. — SG


Clic here to read the story from its source.