Between June and August 2025, Kaspersky’s Global Research and Analysis Team (GReAT) discovered a new wave of AI-powered cyberattacks by RevengeHotels targeting hotels worldwide. The attacks focus on stealing guest payment information, raising concerns for the hospitality industry.
RevengeHotels Using AI in Cyberattacks on Hotels
The cybercrime group known as RevengeHotels has been active since 2015, but Kaspersky reports that it has now upgraded its methods. The attackers are using Artificial Intelligence (AI) to generate malicious code, making their operations more sophisticated and harder to detect.
Kaspersky’s analysis shows that many of the new malicious programs contain AI-generated code. This evolution makes familiar schemes like phishing emails increasingly dangerous for hotel staff and guests.
Hotels in Brazil and Beyond Now Targeted
While Brazilian hotels remain the main target, similar cyberattacks have been recorded in other parts of the world. Experts warn that Africa’s top travel hubs such as South Africa, Kenya, and Nigeria could face risks due to their growing tourism and business travel industries.
“No country or hotel is immune to falling victim,” Kaspersky noted, stressing the importance of proactive cybersecurity measures.
How RevengeHotels Cyberattacks Work
The group’s strategy often starts with phishing emails disguised as reservation requests or job applications. Once a hotel employee interacts with these messages, a malware known as VenomRAT is installed. This grants hackers access to sensitive data, including guest payment details.
These phishing emails often mimic legitimate websites, making them difficult to identify as fraudulent.
ALSO READ: Google Launches Major AI Training Push for Nigerian Developers, Targeting Local Innovation
Expert Warning from Kaspersky
“Сybercriminals are increasingly using AI to create new tools and make their attacks more effective,” said Lisandro Ubiedo, an expert at Kaspersky’s GReAT team.
“For hotel guests, this translates into higher risks of card and personal data theft, even when you trust well-known hotels.”
Kaspersky’s Recommendations for Hotels and Guests
To counter AI-powered cyberattacks on hotels, Kaspersky advises:
- Treat all links and attachments with caution, even from friendly-looking emails.
- Use solutions like Kaspersky Next, which provides real-time protection, threat visibility, and response tools for organisations.
- Fine-tune antispam settings to block suspicious content.
- Avoid opening unexpected files, even if they appear official.
Conclusion: Hotels Must Prepare for AI Cyber Threats
The rise of AI-powered cyberattacks on hotels highlights the growing threat to global tourism and business travel. With groups like RevengeHotels evolving rapidly, experts urge hotels and guests to stay vigilant and adopt advanced cybersecurity measures.
