Subj : Holidaymakers under threat from devious new cyber threat - here's To : All From : TechnologyDaily Date : Thu Jun 12 2025 19:45:07 Holidaymakers under threat from devious new cyber threat - here's how to stay safe Date: Thu, 12 Jun 2025 18:32:00 +0000 Description: Fake Booking.com site found dropping a dangerous RAT to people's computers, experts warn. FULL STORY ======================================================================Experts warns of fake Booking.com sites circulating the web The sites come with a fake "Accept Cookie" prompt that downloads a RAT Shoppers should be on their guard when searching for deals Hackers have been found targeting holidaymakers around the world with remote access trojans (RAT) distributed through fake Booking.com websites, experts have warned. Researchers from HP Wolf Security found cybercriminals have been making websites that, on first glance, look just like booking.com - they carry the same branding, the same color scheme, and same formatting. However, the content of the website is blurred, and over it, a deceptive cookie banner is displayed. If victims press Accept cookies, theyll trigger a download of a malicious JavaScript file. This, in turn, installs XWorm, a powerful RAT that grants the attackers full control over the compromised device, including access to files, webcams, and microphone. They can also use the access to disable security tools, deploy additional malware , and exfiltrate passwords and other data. Peak booking period HP Wolf Security says it first spotted the campaign in Q1 2025, which is peak summer holiday booking period, and a time when click fatigue sets in, as prospective holidaymakers are reckless and dont pay attention to the sites theyre visiting, ending in disaster. "Since the introduction of privacy regulations such as GDPR, cookie prompts have become so normalized that most users have fallen into a habit of click-first, think later, commented Patrick Schlpfer, Principal Threat Researcher in the HP Security Lab. By mimicking the look and feel of a booking site at a time when holiday-goers are rushing to make travel plans, attackers dont need advanced techniques - just a well-timed prompt and the users instinct to click. There are a few things users can do to stay safe, and the first one is - to slow down when browsing. Users should also make sure not to click on links in emails or social media messages, especially for well-established sites such as Booking. Instead, type in the address in the browsers navigation bar manually. You might also like Claude AI and other systems could be vulnerable to worrying command prompt injection attacks Take a look at our guide to the best authenticator app We've rounded up the best password managers ====================================================================== Link to news story: https://www.techradar.com/pro/security/holidaymakers-under-threat-from-devious -new-cyber-threat-heres-how-to-stay-safe --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .