A hacker tracked as TA558 has upped their activity this year, running phishing campaigns that target multiple hotels and firms in the hospitality and travel space.
The threat actor uses a set of 15 distinct malware families, usually remote access trojans (RATs), to gain access to the target systems, perform surveillance, steal key data, and eventually siphon money from customers.
TA558 has been active since at least 2018, but Proofpoint has recently seen an uptick in its activities, possibly linked to the rebound of tourism after two years of COVID-19 restrictions.
Read more…
Source: Bleeping Computer