Details of a new multi-stage cyberattack campaign, dubbed PHALT#BLYX, targeting the European hospitality sector have been disclosed by the cybersecurity firm Securonix. This attack utilizes fake booking emails to lure and deceive hotel staff. Victims are redirected to bogus Blue Screen of Death (BSoD) pages that falsely indicate a system error. These pages leverage “ClickFix-style lures,” prompting employees to execute a fake patch or fix.
The ultimate goal of this campaign is the deployment of DCRat, a known Remote Access Trojan (RAT). Since DCRat enables remote control and the theft of sensitive information, there is a heightened risk that compromised hotel systems could be used as staging points for attacks targeting Web3 entities or financial institutions, thereby increasing supply chain attack concerns within the hospitality industry.
ソース元: Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat
New Malware Campaign “PHALT#BLYX” Targets European Hotel Industry: DCRat Delivered via Fake BSoD Pages
News
コメント