Booking.com and Airbnb Users Targeted by Sophisticated Crypto Mining Scam

Booking.com and Airbnb Users Targeted by Sophisticated Crypto Mining Scam

2024-10-11 data

Bratislava, Friday, 11 October 2024.
ESET Research uncovers ‘Telekopye’, a complex fraud network exploiting popular booking platforms to mine cryptocurrencies on victims’ devices. Scammers use compromised hotel accounts to send convincing phishing emails, highlighting a new cybersecurity threat in the travel industry.

Unveiling Telekopye’s Tactics

The Telekopye fraud network, identified by ESET Research, represents a sophisticated evolution in cybercrime. This network exploits popular accommodation booking platforms like Booking.com and Airbnb by utilizing a scam toolkit that operates primarily through a Telegram bot. Scammers, referred to as ‘Neanderthals’, utilize compromised accounts of legitimate hotels and accommodation providers to pose as hosts, thereby sending emails claiming issues with booking payments. These phishing emails direct users to fraudulent pages that closely mimic legitimate sites, incorporating real booking information to deceive and engage the victims.[1][2][3]

The Mechanics of the Scam

Telekopye’s approach is particularly effective due to its use of stolen credentials obtained from cybercriminal forums. This allows scammers to populate phishing sites with prefilled booking details such as check-in and check-out dates, prices, and locations, which match the victims’ real bookings. This personalization makes the scams exceedingly difficult to detect because the information appears legitimate and personally relevant. Additionally, the fraudulent pages are often supported by services like Cloudflare to protect against detection, making them even more challenging to identify as scams.[1][2][3][4]

Cybersecurity Implications and Arrests

The implications of Telekopye’s operations are significant, as they expose vulnerabilities within widely-used platforms, potentially affecting millions of users. The scam’s expansion during the summer of 2024, surpassing traditional marketplace scams, underscores the need for increased cybersecurity measures. ESET Research’s efforts in uncovering Telekopye have already led to actionable outcomes. In late 2023, Czech and Ukrainian police arrested numerous cybercriminals associated with the network, including the main perpetrators, disrupting operations that had amassed at least €5 million (approximately US$5.5 million) since 2021.[2][4][5]

Preventive Measures and Future Outlook

ESET researchers, including Radek Jizba, emphasize the importance of vigilance among users of booking platforms. They advise verifying the legitimacy of booking links by scrutinizing URLs and ensuring that users remain on official websites or apps before proceeding with payments. The use of strong passwords and enabling two-factor authentication are recommended to protect accounts from being compromised. As cybersecurity threats evolve, continued awareness and proactive measures are crucial for both users and service providers to mitigate risks associated with such scams.[1][2][4][5]

Bronnen


www.dutchitchannel.nl www.welivesecurity.com Cryptocurrency Fraud www.helpnetsecurity.com www.eset.com securityonline.info