Holidaymakers are threatened by cunning new cyber threat – here is how you can stay safe
- Advertisement -
Related Posts
- Advertisement -
- Experts warns of fake -booking.com -sites circulating on the internet
- The sites are supplied with a fake prompt “accept cookie” that downloads a rat
- Shoppers must be wary when looking for deals
Hackers were found on holidaymakers around the world with external access Trojans (Rat) distributed through Nepboeken.com -websites, have warned experts.
Researchers of Horsepower Wolf Security thought that cyber criminals have made websites that at first sight look like Booking.com – they wear the same branding, the same color scheme and the same layout. However, the content of the website is blurred and a misleading cookie banner is displayed on that.
As victims on “accept acceptances”, they activate a download of a malignant JavaScript file. This in turn installs Xworm, a powerful rat that provides the attackers full control over the compromised device, including access to files, webcams and microphone. They can also use access to disable security aids, implement extra implementation malwareAnd exfiltress passwords and other data.
Peak booking period
HP Wolf Security says it first saw the campaign in the first quarter of 2025, which is “Peak Summer Holiday Booking period”, and a time when “Click Modigue” takes place, because potential holiday makers are reckless and not pay attention to the sites they visit, ending in disasters.
“Since the introduction of privacy regulations such as GDPR, cookie prompts have been so normalized that most users have become a habit of ‘Click-First, think later,'”, said Patrick Schläpfer, main researcher of the main threat in the HP Security Lab.
“By simulating the appearance of a booking site at a time when Holiday Gous hurry to make travel plans, attackers do not need advanced techniques all a well-timed prompt and the user’s instinct for clicking.”
There are a few things that users can do to stay safe and the first is – to slow down while browsing.
Users must also ensure that you do not click on links in e-mails or messages on social media, especially for established sites such as books. Instead, type the address in the browser’s navigation bar manually.
Maybe you like it too
- Advertisement -
