Russian-linked cyber-espionage group has been found re-using the same leaked NSA hacking tool that was used in the WannaCry and NotPetya outbreaks. The campaign is also exploiting the Windows SMB exploit (CVE-2017-0143), called, which was one of many exploits allegedly used by the NSA for surveillance and leaked by the Shadow Brokers in April. The attacks began with a spear phishing email sent to one of the hotel employees. Once installed on the targeted hotel’s network, the malware uses macros to decode and deploy GameFish, a malicious document.
Source: https://thehackernews.com/2017/08/hotel-wifi-hacking-tools.html