Suspected Russian hackers are using fake error pages and a “Blue Screen of Death” tactic to infect European hotel systems with DCRat malware. This campaign demonstrates advanced social engineering and technical methods to bypass defenses and establish persistent access. #PHALT#BLYX #DCRat
Key points
- Cybercriminals are targeting the European hospitality industry with phishing emails titled “Reservation Cancellation.”
- The campaign involves fake reservation alerts leading victims to a malicious “Blue Screen of Death” page.
- Victims are prompted to run scripts that disable Windows Defender and download malware.
- The malware, DCRat, allows hackers to steal data and maintain remote access to infected devices.
- Indicators of Russian involvement include native Russian-language debug strings and infrastructure geolocated to Russia.
Read More: https://therecord.media/russian-hackers-europe-hospitality-blue-screen