Dark hotel
More about the Dark Hotel group, its tactics, techniques, procedures and tools
-
The way of propagation
Peer-to-peer sharing networks , Social engineering -
Purpose/Functions
Cyberespionage , Surveillance -
Special features
Targeted attacks resulted in C-suite victims: CEOs, Sr Vice Presidents, Sales and Marketing Directors and top R&D staff
-
Targets
Automotive , Business individuals , Defense industrial base , Electronics manufacturing , Intelligence agencies , Investments , Law enforcement agencies , Military , Non-governmental organizations , Pharmaceutical , Private companies , Specific individuals -
Artefacts/Attribution
The attackers left a footprint in a string within their malicious code pointing to a Korean-speaking actor.
-
Description
A well-resourced threat group that initially became known for its attacks against high-profile targets by infiltrating hotel networks. Their toolkit is diverse, and they have, in the past, infected victims’ computers using malicious updates, forged certificates, and spear-phishing. Their cyberespionage campaigns are targeted primarily at top executives from a variety of industries doing business and outsourcing in the APAC region. This is one of the longest-running actors, with activity dating back to 2007.