Cybercriminals are increasingly abusing the Airbnb platform to commit fraud. A new analysis by SlashNext’s cybersecurity experts reveals the techniques these malicious attackers use to compromise users’ accounts and profit from their stolen data.
Airbnb, a well-known name in the travel industry, has become a prime target due to its global popularity in providing relatively affordable accommodation to travelers. However, SlashNext explained that this accessibility also allowed cybercriminals to manipulate the system for profit.
At the center of these cyberattacks are stealers that secretly infiltrate devices and collect sensitive information such as login credentials. This stolen data is sent to the attacker and allows unauthorized access to the user’s account. This research reveals a variety of entry points exploited by cybercriminals, from software vulnerabilities to social engineering tactics.
This investigation further revealed the existence of underground marketplaces where cybercriminals buy and sell access to compromised devices (also known as bots, installs, and infections) in bulk. This allows criminals to deploy malicious software quickly and widely, increasing the scope of their attacks.
Cybercrime forum details: 2.6 million Duolingo users’ data leaked on hacking forum
Session cookies play a key role in the methods cybercriminals use to gain unauthorized access to user accounts. These small files store user preferences and browsing information, and often allow temporary access to her website.
Cybercriminals purchase cookies for stolen Airbnb accounts from underground forums, allowing unauthorized access without requiring a valid username and password. Although these stolen access windows are short-lived, they are quickly exploited by attackers.
the study It also exposes the monetization of stolen data. Cybercriminals use online forums and digital marketplaces to sell compromised account information and stolen girlfriend cookies directly to parties. Due to the scale of the account theft, each compromised Airbnb account was reportedly downgraded and priced as low as $1.
This research highlights the importance of understanding the evolving tactics employed by cybercriminals and the vulnerabilities they exploit. This is a reminder that even trusted platforms like Airbnb can have hidden risks and require increased user awareness and proactive security measures.
Editorial image credit: Ink Drop / Shutterstock.com