Kimpton Hotels & Restaurants is a nationwide chain of 62 boutique hotels in the United States, they are investigating reports of a credit card breach at several of their locations. The company said in a statement that they have hired a security firm to support the investigation.
Last year, Starwood Hotels and Resorts, Hilton Worldwide, Mandarin Oriental and others reported breaches, and Kimpton Hotels is the latest hotel chain added to the list. The source and extent of the breach at Kimpton Hotels is unknown, but in many of these incidents, credit card information was stolen by implementing malicious software on the point-of-sale devices at the bars and restaurants on the hotel chains.
Threat Intelligence experts from Diskin Advanced Technologies (DAT) discovered a new trojan dubbed Delilah, designed to target potential insiders by blackmailing them to provide information on their employer. Delilah is delivered to victims who visit adult and gaming sites, and when it successfully infects a machine, it lurks to gather personal information, such as facts about family and workplace. A plug-in is available to enable the hacker to remotely switch on the victim’s webcam and take screenshots at regular intervals.
Delilah is currently buggy, and victims can experience screen freezes or see pop-up error messages.
References: Delilah Malware Secretly Taps Webcam, Blackmails and Recruits Insider Threat Victims | Trojan Delilah Recruits Malicious Insiders Via Extortion | New Delilah Trojan Used to Blackmail Employees, Recruit Insiders
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.