Travel TechnologyThreat group RevengeHotels is spreading its malicious attacks on the hospitality sector.

There’s a new cyberthreat targeting hotels

By Travel Weekly Asia

|

Oct 01, 2025

|

Malicious programmes used in attacks contain code likely generated with AI.

Malicious programmes used in attacks contain code likely generated with AI. Photo Credit: Adobe Stock/Looker_Studio

A new wave of cyberattacks is targeting hotels to gain access to guests’ payment information.

A threat group called RevengeHotels is using Artificial Intelligence to make their attacks more effective and reach regions beyond hotels in Brazil which have been the main target to date.

Between June and August 2025, Kaspersky’s Global Research and Analysis Team discovered that many of the new malicious programmes used in these attacks contain code likely generated with AI, making them more sophisticated and harder to detect.

While hotels in Brazil have been the main target, Kasperksky warned that no country or hotel is immune to falling victim.

How the attacks work

The threat actor sends phishing emails directly to hotel staff, often disguised as requests for reservation or job applications.

Once a hotel employee interacts with these emails, malware called VenomRAT is installed on the hotel’s systems, giving attackers access to guests’ payment data and other sensitive information.

The emails often look convincing, coming from legitimate-looking websites.

"Сybercriminals are increasingly using AI to create new tools and make their attacks more effective. This means that even familiar schemes, like phishing emails, are becoming harder to spot for a common user.

“For hotel guests, this translates into higher risks of card and personal data theft, even when you trust well-known hotels," said Lisandro Ubiedo, expert at Kaspersky’s Global Research and Analysis Team.

Related NewsPrevious Next Previous Next

80% of hotels spend up to two days a week on manual reporting and reconciliation.

New portal looks to simplify hotel agency bookingsBakuun launches B-Portal to give contracted travel agencies direct access to hotel rates, bookings and payments.

Keeta Drone says its drones have been engineered to perform reliably in Dubai’s desert conditions.

Is it a plane? Is it a bird? No, it’s your Big Mac arriving on the beachDubai plans drone delivers to parks and beaches.

Travellers should be aware of the risks of keeping unwanted travel apps on a phone.

Beware the travel apps that follow you homeCybersecurity boss warns travellers in Asia to delete apps they no longer need.

Visitors may book a complimentary robodog guide session at Sentosa.

Who let the robodogs out in Singapore?Key attractions test AI-powered canine guides to elevate the visitor experience.

Information accessed could include booking details and names, email addresses and phone numbers.

Major OTA hit by cyber attackBooking.com says ’malicious actors’ may have accessed booking information.

Users can expect three new-to-platform features in this update.

Bedsonline gets an AI-powered refreshUpdate moves platform towards faster, smarter and more relevant selling.

Agents can now offer an end-to-end experience that now includes airport transfers in addition to flights and hotels.

A quicker SmartRyde for airport transfersJapanese firm teams up with Amadeus to make airport transfers easier.

Klook has received funding to extend its reach across Asia Pacific and beyond, as well as to attract younger travellers.

Klook prepares to go publicThe travel experiences platform moves towards an IPO to take advantage of positive market sentiment.

Tripadvisor announces layoffs amid strategy change

Tripadvisor announces layoffs amid strategy changeThe company wants to focus on activity bookings and experiences in realignment.

Malicious programmes used in attacks contain code likely generated with AI.

There’s a new cyberthreat targeting hotelsThreat group RevengeHotels is spreading its malicious attacks on the hospitality sector.

JTB Corp to acquire Northstar Travel Group

JTB Corp to acquire Northstar Travel GroupLeading B2B travel industry events, media, and information services company will continue to operate independently as a...

New Agoda Ask-Me-Anything bot gives travellers instant info on hotels and amenities.

Ask this Agoda bot anything about hotelsAgoda introduces AI bot for instant, real-time answers to hotel questions.

Travellers in APAC are excited about AI in travel planning but aren’t ready to give up full control.

Travellers want AI support, not AI controlAI tools are gaining traction in travel planning, but most travellers still prefer a human in charge.

Remote workers and adventure seekers can now have peace of mind with a dedicated insurance policy.

This insurance covers the digital nomadsNomad insurance covers everything from kidnapping to ransom.

Oliver Jay, managing director of International, OpenAI and (right) Jordan Tan, chief technology officer, Singapore Tourism Board at the MOU signing

Singapore looks to the future of tourism with AIThe Singapore Tourism Board’s agreement with OpenAI technology is a tourism first for Asia.

Event by Indonesia offers real-time event info and travel tips for cultural explorers.

Where’s the party? Indonesia’s new app tells youDiscover music, culture, food, and festivals across Indonesia with new tourism event guide.

This helps travel brands reach wider audiences by making their Instagram posts appear on Google, increasing visibility beyond the app and driving more traffic.

You can now google Instagram travel postsInstagram travel content has been made searchable on Google, opening new doors for travel brands.

CWT received a total of 1,113 responses, comprising 515 companies in 56 countries.

CWT Survey shows data security and  mobile technology dominating in 2015

TA Network says its collaboration with Guangzhou-based Joy Travel is a milestone in its mission to enhance the B2B travel ecosystem across Greater China and the region.

TA Network brings Joy to travel agentsNew partnership promises to enhance the B2B travel ecosystem across Greater China.

Tours and Transfers API connects global travel platforms directly with Singapore ground network.

Tours in Singapore just got API-poweredTravel DMC Group says its new platform links agents with Singapore’s ground community.

80% of hotels spend up to two days a week on manual reporting and reconciliation.

New portal looks to simplify hotel agency bookingsBakuun launches B-Portal to give contracted travel agencies direct access to hotel rates, bookings and payments.

Keeta Drone says its drones have been engineered to perform reliably in Dubai’s desert conditions.

Is it a plane? Is it a bird? No, it’s your Big Mac arriving on the beachDubai plans drone delivers to parks and beaches.

Travellers should be aware of the risks of keeping unwanted travel apps on a phone.

Beware the travel apps that follow you homeCybersecurity boss warns travellers in Asia to delete apps they no longer need.

Visitors may book a complimentary robodog guide session at Sentosa.

Who let the robodogs out in Singapore?Key attractions test AI-powered canine guides to elevate the visitor experience.

Information accessed could include booking details and names, email addresses and phone numbers.

Major OTA hit by cyber attackBooking.com says ’malicious actors’ may have accessed booking information.

Users can expect three new-to-platform features in this update.

Bedsonline gets an AI-powered refreshUpdate moves platform towards faster, smarter and more relevant selling.

Agents can now offer an end-to-end experience that now includes airport transfers in addition to flights and hotels.

A quicker SmartRyde for airport transfersJapanese firm teams up with Amadeus to make airport transfers easier.

Klook has received funding to extend its reach across Asia Pacific and beyond, as well as to attract younger travellers.

Klook prepares to go publicThe travel experiences platform moves towards an IPO to take advantage of positive market sentiment.

Tripadvisor announces layoffs amid strategy change

Tripadvisor announces layoffs amid strategy changeThe company wants to focus on activity bookings and experiences in realignment.

Malicious programmes used in attacks contain code likely generated with AI.

There’s a new cyberthreat targeting hotelsThreat group RevengeHotels is spreading its malicious attacks on the hospitality sector.

JTB Corp to acquire Northstar Travel Group

JTB Corp to acquire Northstar Travel GroupLeading B2B travel industry events, media, and information services company will continue to operate independently as a...

New Agoda Ask-Me-Anything bot gives travellers instant info on hotels and amenities.

Ask this Agoda bot anything about hotelsAgoda introduces AI bot for instant, real-time answers to hotel questions.

Travellers in APAC are excited about AI in travel planning but aren’t ready to give up full control.

Travellers want AI support, not AI controlAI tools are gaining traction in travel planning, but most travellers still prefer a human in charge.

Remote workers and adventure seekers can now have peace of mind with a dedicated insurance policy.

This insurance covers the digital nomadsNomad insurance covers everything from kidnapping to ransom.

Oliver Jay, managing director of International, OpenAI and (right) Jordan Tan, chief technology officer, Singapore Tourism Board at the MOU signing

Singapore looks to the future of tourism with AIThe Singapore Tourism Board’s agreement with OpenAI technology is a tourism first for Asia.

Event by Indonesia offers real-time event info and travel tips for cultural explorers.

Where’s the party? Indonesia’s new app tells youDiscover music, culture, food, and festivals across Indonesia with new tourism event guide.

This helps travel brands reach wider audiences by making their Instagram posts appear on Google, increasing visibility beyond the app and driving more traffic.

You can now google Instagram travel postsInstagram travel content has been made searchable on Google, opening new doors for travel brands.

CWT received a total of 1,113 responses, comprising 515 companies in 56 countries.

CWT Survey shows data security and  mobile technology dominating in 2015

TA Network says its collaboration with Guangzhou-based Joy Travel is a milestone in its mission to enhance the B2B travel ecosystem across Greater China and the region.

TA Network brings Joy to travel agentsNew partnership promises to enhance the B2B travel ecosystem across Greater China.

Tours and Transfers API connects global travel platforms directly with Singapore ground network.

Tours in Singapore just got API-poweredTravel DMC Group says its new platform links agents with Singapore’s ground community.

MagazinesPrevious Next

January - March 2026

January - March 2026A New Season in Bloom

Momentus Hotels & Resorts | Moments with Us

Momentus Hotels & Resorts | Moments with UsDiscover the Momentus difference - meaningful, memorable and made for more.

Popular Today

Most Read

In the Spotlight

Aiden Surawong Bangkok signals a new generation of hotels for smart, savvy, and well-informed travellers who crave complete convenience without sacrificing their sense of style.

The new generation of hotels unlocking Asia’s coolest spots

Inside the lifestyle hotel brand travellers keep coming back to

The Sanctuary Resort Pattaya, BW Signature Collection’s rooftop pool and bar.

The Thailand hotel network that makes travel planning easier

Macao made its debut in the Global Muslim Travel Index 2025, ranking fifth among the non-OIC destinations for Muslim women travellers and 16th globally.

Macao’s Muslim-friendly tourism: What travellers need to know