The so-called 'DarkHotel' group has been active for over a decade, with a signature brand of cybercrime that targets business travellers with malware attacks, using the Wi-Fi in luxury hotels across the globe.
Hotel Wi-Fi hotspots are compromised in order to help deliver the payload to the selected pool of victims. The exact methods of compromise remain uncertain, but cybersecurity experts believe it involves attackers remotely exploiting vulnerabilities in server software or infiltrating the hotel and gaining physical access to the machines.
Those behind the campaign have continually evolved their tactics and malware payloads, blending phishing and social engineering with a complex Trojan, in order to conduct espionage on corporate research and development personnel, CEOs, and other high-ranking corporate officials.
But now the actors behind DarkHotel have changed tactics again, using a new form of malware known as Inexsmar to attack political targets. Researchers at Bitdefender -- who've analysed the malware strain -- have linked the Inexsmar campaign to DarkHotel because of similarities with payloads delivered by previous campaigns.
Read more at ZDNet....