A cyberattack on Booking.com has been reported, causing widespread concern over the safety of hotels partnered with the organization. The Booking cyberattack has reportedly affected hotels in various countries.
The attackers, masquerading as travelers, have been deploying a sophisticated phishing scam, compromising hotel computers and extracting Booking.com credentials.
The modus operandi in this Booking cyberattack involves sending infected emails to hotels under the guise of reservation requests. Once these emails are opened and their malicious contents downloaded, a virus infiltrates the hotel’s systems.
This breach exposes sensitive Booking.com login details, enabling hackers to impersonate hotel staff. The fraudulent messages then target guests with claims requiring advanced payment and soliciting credit card information.
Booking cyberattack, phishing scams and more
The Booking cyberattack initially surfaced in Japan but is now believed to be part of a larger, orchestrated operation by a prominent threat actor.
According to Asahi.com, this chain reaction of cyberattack on Booking.com began in Japan when a hotel fell prey to an email from a faux customer, initiating the breach when a disguised file, posing as a medical request, was unwittingly downloaded.
In response to these Booking cyberattacks, the organization acknowledged this strange phenomenon of cyberattacks and has assured affected customers that efforts are underway to recover funds lost due to unauthorized purchases made with stolen card information.
Highlighting the extent of the breach, reports as of November 3 reveal that at least 68 hotels in Japan reported being targeted.
The compromised information primarily pertains to foreign visitors. Security firm LAC Co. analyzed the virus involved and identified Russian hackers as the perpetrators.
Cyberattack on Booking.com: Threat actor still unknown
Booking.com, a platform hosting 6.6 million facilities globally, mandates the use of individual IDs and passwords for access to its website and app.
The phishing scam typically initiates with a traveler receiving an email in English, containing a deceptive link. Clicking on this link triggers the malware, allowing hackers to illicitly acquire hotel credentials when accessing Booking.com.
The cyberattacks are not isolated incidents, as Booking.com acknowledged similar occurrences in Europe around November of the previous year, with subsequent global ramifications. These incidents coincide with the relaxation of travel restrictions amid the COVID-19 pandemic, contributing to an upswing in international travel.
As the situation unfolds, concerns about the scale of damages persist. The Cyber Express reached out to Booking.com for an official statement or response regarding the Booking cyberattack; however, none has been received at the time of writing.
In light of these events, travelers and hoteliers are urged to exercise heightened caution and remain vigilant against potential phishing attempts. Regularly updating passwords and staying informed about cybersecurity best practices is paramount to mitigating the risks associated with such cyber threats.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
