惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

GbyAI
GbyAI
O
OpenAI News
Jina AI
Jina AI
腾讯CDC
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
MongoDB | Blog
MongoDB | Blog
J
Java Code Geeks
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Tailwind CSS Blog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
WordPress大学
WordPress大学
F
Full Disclosure
Microsoft Azure Blog
Microsoft Azure Blog
I
InfoQ
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
www.infosecurity-magazine.com
www.infosecurity-magazine.com
SecWiki News
SecWiki News
F
Fortinet All Blogs
C
Check Point Blog
H
Hacker News: Front Page
H
Help Net Security
G
Google Developers Blog
The Cloudflare Blog
Google Online Security Blog
Google Online Security Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
A
About on SuperTechFans
S
Secure Thoughts
U
Unit 42
L
LINUX DO - 最新话题
博客园 - 【当耐特】
量子位
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园 - 叶小钗
TaoSecurity Blog
TaoSecurity Blog
Recorded Future
Recorded Future
Apple Machine Learning Research
Apple Machine Learning Research
AI
AI
aimingoo的专栏
aimingoo的专栏
Security Archives - TechRepublic
Security Archives - TechRepublic
H
Heimdal Security Blog
Y
Y Combinator Blog
月光博客
月光博客
Hacker News: Ask HN
Hacker News: Ask HN
D
DataBreaches.Net
Webroot Blog
Webroot Blog
T
Troy Hunt's Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Schneier on Security
Schneier on Security
Cisco Talos Blog
Cisco Talos Blog
Last Week in AI
Last Week in AI

The Register - Security: Research

www.theregister.com Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs PRC-linked spies hid inside medical and military networks for more than a year, snooping through Gmail and stealing data Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine ChatGPT blindly trusts browser content, turning the page into a payload Russia-linked threat group put ChatGPT to work from lure to payload Kids can bypass some age checks with a drawn-on mustache What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia ORNL builds more sensitive GPS interference detector Researchers find sabotage malware that may predate Stuxnet Vibe coding upstart Lovable denies data leak, cites 'intentional behavior,' then throws HackerOne under the bus Anthropic, Google, Microsoft paid AI bug bounties – quietly Security reserchers tricked Apple Intelligence into cursing Don't open that WhatsApp message, Microsoft warns Security boffins harvest bumper crop of API keys from web Lightning-fast exploits mean patch fast, says Cisco Talos AI agents are 'gullible' and easy to turn into your minions Smooth criminals talking their way into cloud environments, Google says Snoops plant info-stealing malware on iPhones, Google warns Cybercrime up 245% since the start of the Iran war Rogue AI agents can work together to hack systems Fake applicants are sending security-killing malware AI agent hacked McKinsey chatbot for read-write access Kaspersky: No signs Coruna iPhone exploit kit made by US Perplexity Comet browser hole was exploitable via cal invite DEF CON hackers 'fed up with government,' Jake Braun says DEF CON hackers 'fed up with government,' Jake Braun says Ransomware payments cratered in 2025 – attacks did not Ransomware payments cratered in 2025 – attacks did not Claude's collaboration tools allowed remote code execution AI takes a swing at online anonymity Fake 'interview' repos lure Next.js devs into running secret-stealing malware Threat intelligence supply chain is full of weak links AI agents abound, unbound by rules or safety disclosures RAT disguised as an RMM costs crims $300 a month Android malware taps Gemini to navigate infected devices Posting AI caricatures on social media is bad for security Payroll pirates conned the help desk, stole employee’s pay Microsoft boffins show LLM safety can be trained away For the price of Netflix, crooks can rent AI crime ops For the price of Netflix, crooks can rent AI crime ops Fast Pair, loose security: Bluetooth accessories open to silent hijack Fast Pair flaw exposes Bluetooth devices to hijacking A simple CodeBuild flaw put every AWS environment at risk A simple CodeBuild flaw put every AWS environment at risk DeadLock ransomware uses smart contracts to evade defenders Python libraries in AI/ML models can be poisoned w metadata OpenAI patches déjà vu prompt injection vuln in ChatGPT Fake Windows BSODs check in at Europe's hotels to con staff into running malware Hotel staff tricked into installing malware by bogus BSODs Your car’s web browser may be on the road to cyber ruin China's Ink Dragon hides out in European government networks Browser 'privacy' extensions have eye on your AI, log all your chats NCSC finds cyber deception tools work, if deployed right 10K Docker images spray live cloud creds across the internet 'Botnets in physical form' are top humanoid robot risk 'Botnets in physical form' are top humanoid robot risk Apache warns of 10.0-rated flaw in Tika metadata toolkit Novel clickjacking attack relies on CSS and SVG 'Exploitation is imminent' of max-severity React bug Swiss government bans SaaS and cloud for sensitive info Scattered Lapsus$ Hunters stress testing Zendesk weak spots HashJack attack shows AI browsers can be fooled with '#' New ClickFix attacks use fake Windows Updates to swipe creds Years-old bugs in open source took out major clouds at risk LLM-generated malware improving, but not operational (yet) 3.5B WhatsApp users' info scooped through enumeration flaw 3.5B WhatsApp users' info scooped through enumeration flaw 50k more ASUS routers pwned by evolving Beijing-linked op Overconfidence is the new zero-day as teams stumble through cyber simulations LLM side-channel attack could allow snoops to guess topic Landfall spyware used in 0-day attacks on Samsung phones MIT Sloan shelves paper about AI-driven ransomware Security hole slams Chromium browsers - no fix yet OpenAI Atlas Browser tripped up by malformed URLs Devs of VS Code extensions are leaking secrets en masse Chatbots that butter you up make you worse at conflict Tile trackers leak unencrypted Bluetooth data, say boffins Beijing's RedNovember hacked critical US, global orgs Lazarus RAT code resurfaces in North Korean IT-worker scams Suspected Chinese spies broke into 'numerous' enterprises Deepfaked calls hit 44% of businesses in last year: Gartner Ruh-roh. DDR5 memory vulnerable to new Rowhammer attack HybridPetya ransomware dodges UEFI Secure Boot
Kaspersky: RevengeHotels returns with AI-coded malware
Carly Page · 2025-09-23 · via The Register - Security: Research

Research

Old hotel scam gets an AI facelift, leaving travellers’ card details even more at risk

Kaspersky has raised the alarm over the resurgence of hotel-hacking outfit "RevengeHotels," which it claims is now using artificial intelligence to supercharge its scams.

Between June and August this year, Kaskersky Global Research and Analysis Team (GReAT) found the group deploying malware with AI-generated code, making its intrusions harder to detect and far more effective.

The core playbook remains familiar: phishing emails, disguised as booking requests or job applications, land in the inboxes of hotel staff. Once opened, they deliver a remote access trojan known as VenomRAT, giving attackers control of the infected machine and a path to guests' card data and other personal details. 

REG AD

While the social engineering may be old-school, the malware's AI-crafted underpinnings represent a troubling leap in sophistication, Kaspersky says. 

REG AD

"Cybercriminals are increasingly using AI to create new tools and make their attacks more effective. This means that even familiar schemes, like phishing emails, are becoming harder to spot for a common user," said Lisandro Ubiedo of Kaspersky's GReAT team.

"For hotel guests, this translates into higher risks of card and personal data theft, even when you trust well-known hotels."

The Russian cybersecurity firm says that Brazil has so far borne the brunt of the latest wave of RevengeHotel attacks, but notes that incidents have already surfaced elsewhere. 

The group's use of AI-generated code marks a shift from RevengeHotels' previous campaigns, which relied on cookie-cutter malware and crude phishing. By leaning on auto-generated code, the crew can churn out fresh-looking variants that slip past older security tools, yet are simple enough to include a bog-standard phishing email. For hotel IT staff, that means the tricks look familiar, but the malware buried inside is far harder to spot and shut down.

Kaspersky's recommended defences will be familiar to any security pro: hotels should train staff to recognise suspicious emails, adjust spam filters, and deploy endpoint detection tools that can flag infections early. Travellers, meanwhile, can limit exposure by monitoring card activity closely or using virtual payment methods where possible.

RevengeHotels isn't new to this game. The group has been active for more than a decade, targeting hotels, hostels and other tourism outfits since 2015. Besides skimming card details, they've been flogging access to compromised property systems on dark-web markets so other crooks can swoop in and run scams. ®