Victims risk AsyncRAT infection after being redirected to fake Booking.com sites

SUMMARY :

Cybercriminals have launched a campaign redirecting users from gaming sites and social media to fake Booking.com websites. The scam uses fake CAPTCHA prompts to trick visitors into executing malicious commands on their devices. If successful, the attack downloads and installs AsyncRAT, a backdoor Trojan that allows remote monitoring and control of infected computers. The campaign, which began in mid-May, frequently changes its final redirect destination. The malicious actors exploit the fact that 40% of people book travel through online searches, creating ample opportunities for deception. To stay safe, users are advised to be cautious of website instructions, use anti-malware solutions, employ browser extensions that block malicious domains, and consider disabling JavaScript on unknown websites.

OPENCTI LABELS :

social engineering,asyncrat,clipboard hijacking,travel booking,captcha scam


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Victims risk AsyncRAT infection after being redirected to fake Booking.com sites