A sophisticated malspam campaign that is targeting the hotel sector world-wide uses social engineering tactics to trick hotel representatives into opening malware-infected password-protected archives, according to cybersecurity researchers at Sophos X-Ops. The attacks consist of complaints about service problems or requests for information to create the impression of a legitimate situation before sending out links to malicious payloads. Most samples have a code-validation certificate and the malware connects to a Telegram encrypted messaging service URL, uses HTTP POST requests to send telemetry about the infected machine, and submits it to the bot controller.
![](https://healsecurity.com/wp-content/uploads/2024/07/group-ibs-threat-intelligence-and-defence-centre-equip-undergraduates-with-sophisticated.jpg)
Group-IB’s Threat Intelligence and Defence Centre Equip Undergraduates with Sophisticated Cybersecurity Technologies to Boost Threat Analysis and Enhance Cyber Resilience for Campus Start-ups
Hey there from the heart of the San Francisco Bay Area! It’s an absolute pleasure to have you back again for our chat on some