[threat-actors] Add RevengeHotels

2024-02-05 09:20:10 -08:00 · 2024-02-05 09:20:10 -08:00 · cff0da0b3a
parent 40becc0ee9
commit cff0da0b3a
1 changed files with 10 additions and 0 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -14837,6 +14837,16 @@
      },
      "uuid": "0df34184-4ccf-4357-8e8e-e990058d2992",
      "value": "Fishing Elephant"
+    },
+    {
+      "description": "RevengeHotels is a targeted cybercrime campaign that has been active since 2015, primarily targeting hotels, hostels, and tourism companies. The threat actor uses remote access Trojan malware to infiltrate hotel front desks and steal credit card data from guests and travelers. The campaign has impacted hotels in multiple countries, including Brazil, Argentina, Chile, and Mexico. The threat actor employs social engineering techniques and sells credentials from infected systems to other cybercriminals for remote access.",
+      "meta": {
+        "refs": [
+          "https://securelist.com/revengehotels/95229/"
+        ]
+      },
+      "uuid": "083acee6-6969-4c74-80c2-5d442936aa97",
+      "value": "RevengeHotels"
    }
  ],
  "version": 299