Rising Tide of Cyber Threats: Booking.com Faces Surge in Customer Hacking Incidents

 


Hackers are advertising on dark forums to increase attacks against Booking.com customers, offering up to $2,000 for hotel logins as they continue to target hotel guests. On November 12, 2023, reports emerged that Booking.com had confirmed a phishing attack.

Booking.com's statements indicate that hackers have been able to collect consumers' credit card information. Booking.com is an online travel agency headquartered in Amsterdam, Netherlands, and has been operating since 1997.

Booking.com offers reservations for more than 2.7 million properties worldwide, including more than 400,000 hotels. Owners of motels, apartment units, and resorts can also upload their listings to Booking.com.

Among the largest online travel agencies, Booking.com is also routinely ranked as one of the most popular travel applications that can be downloaded from the mobile web. It is estimated that the revenue generated by Booking.com exceeds $10 billion annually and that the company employs more than 21,600 people. This incident remains a looming problem for Booking.com, and the investigation into the incident continues. 

Once it has completed its investigation, however, Booking.com will be required to send a data breach notification letter to each individual whose information was compromised in the incident. There has been a surprising lack of news about the Booking.com cyberattack over the past few days, and more information is expected to become available shortly. Currently, several news outlets are reporting the incident, and Booking.com has issued only a partial statement confirming it.

According to these sources, the attack began when hotel employees received an email from a hacker posing as a traveller. A hotel employee clicked the malicious link in the email, and the hotel's computer became infected with a virus.

Once the virus had been activated, hackers were able to obtain the hotels' Booking.com passwords and login information. With those passwords and hotel IDs, the hacker sent fake emails to travellers, posing as a hotel employee.

These emails tricked travellers into entering their credit card information into a fake Booking.com site, where the hackers could easily collect it.

Booking.com has only recently confirmed the phishing attack and is still investigating its impact. Once the investigation is complete, the company is expected to be required by federal law to send data breach notices to everyone affected by the incident.

A victim's letter should include a list of all the personal information that was compromised as part of the phishing attack. To access the targeted hotel's system, fraudsters first call the front desk and pretend to be a guest who left a valuable item behind when recently leaving the hotel. As soon as the call with the receptionist has ended, the criminal emails the receptionist a link to a Google Drive file.

The data breach notification that targeted victims receive from Booking.com is crucial for understanding exactly what is at risk and how to react to it. Victims who have suffered fraud or identity theft, or who need legal advice following a possible Booking.com data breach, can consult a data breach lawyer to learn how to protect themselves and to discuss their legal options. In this example, instead of opening a picture of the item in question, the customer service representative opens a malware file called Vidar Infostealer, which steals the billing information of the hotel system and automatically relays it to the fraudsters so that they can gain access to the payment processing system.

Once the bad actors had logged into Booking.com with the stolen credentials, they approached hotel guests and requested bogus payments. Rather than sending the victims to Booking.com or the actual hotel website to pay, the hackers send them to a spoofed website or take their credit card information over the phone. The attack is extremely successful because guests do not realize they are being scammed: the messages come from legitimate, but unfortunately hacked, accounts of hotels listed on Booking.com.

An analysis conducted by the security firm found that this issue is very widespread and affects hotels and resorts around the world. These attacks can cause substantial financial losses, and there are still concerns about the potential for data misuse and breaches of trust. According to the security team, the Booking.com phishing attack may not be an isolated case: it may be part of a larger pattern that includes a previous InfoStealer campaign targeting hotels and travel agencies.

Users are strongly recommended to check URLs thoroughly before clicking, to treat urgent requests with caution, to contact service providers directly to get answers to their questions, to share knowledge about phishing, and to keep an eye out for unauthorized transactions on their accounts.
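What "checking a URL thoroughly" means in practice, as an added example that is not part of the original post: the host is compared against a trusted domain as a whole dot-separated suffix, so lookalike links in a payment request are flagged. The trusted-domain set, the verdict names and every host in the sample message are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption for this example: the only registrable domain trusted for payment.
TRUSTED_DOMAINS = {"booking.com"}
URL_RE = re.compile(r"https?://[^\s<>\"']+")

def classify_link(url: str) -> str:
    """Return 'trusted' or the reason a link should not be used for payment."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "malformed"
    if parts.scheme != "https":
        return "not-https"
    if "@" in parts.netloc:
        # https://booking.com@host/ sends the browser to host, not booking.com
        return "userinfo-in-url"
    if not host.isascii():
        return "non-ascii-host"      # e.g. Cyrillic letters standing in for Latin
    if any(label.startswith("xn--") for label in host.split(".")):
        return "punycode-host"
    # Match the whole host or a dot-separated suffix, never a substring.
    if any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        return "trusted"
    return "untrusted-host"

def audit_message(text: str) -> list[tuple[str, str]]:
    """Classify every link found in a message body."""
    return [(u, classify_link(u)) for u in URL_RE.findall(text)]

# Constructed sample message; every host below is made up for illustration.
SAMPLE = """Dear guest, your card could not be verified. Confirm within 12 hours:
https://booking.com.reservation-confirm.example/pay?id=1234
https://booking.com@pay-portal.example/confirm
https://xn--bking-abc.example/secure
http://booking.com/mybooking
https://secure.booking.com/mybooking"""

if __name__ == "__main__":
    for url, verdict in audit_message(SAMPLE):
        print(f"{verdict:16} {url}")
```

A "trusted" verdict only says the link points at the expected domain; because the messages in this incident came from genuinely compromised hotel accounts, the sender's identity is not evidence that a link is safe.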

GoldDigger Malware: The Covert Culprit Behind Vanishing Funds

 


A new malware strain capable of stealing money from Android banking apps has been observed making the rounds. Group-IB recently discovered an Android Trojan that appears to target more than 50 Vietnamese banking apps, e-wallet services, and cryptocurrency wallets, with its primary objective being the theft of funds.

Tracked by the threat intelligence division at Group-IB, the Trojan, named "GoldDigger", has been around since at least June 2023. Two separate apps were used to deliver the malware: one impersonated a Vietnamese government portal and the other impersonated a company in the energy sector.

Researchers do not yet know the exact attack vector, but they speculate that the attackers reached out to victims through social media channels, email messages, and other common means of communication.

The attackers used these channels to redirect victims to at least a dozen fake Google Play websites, where they were offered the apps to install on their smartphones. Once installed on the device, the app asks for "Accessibility permissions" and then proceeds.

A request for excessive permissions is probably the most obvious sign of a malicious app. To dig out sensitive user information, such as passwords, GoldDigger needs the victim to grant it these permissions. Once they are granted, it searches the device on its own for any of 51 Vietnamese financial institution apps, e-wallet apps, or cryptocurrency wallet apps.

GoldDigger is able to detect and extract the login information for the accounts it is scanning for, which essentially grants the attackers unrestricted access to those financial accounts. The researchers went on to explain that part of what makes GoldDigger unique is Virbox Protector, an obfuscation and encryption system integrated into the program.

Virbox Protector is a legitimate application, but in this case it has been used for nefarious purposes, making the work of cybersecurity researchers a lot more challenging. It is impossible to know exactly how many people have fallen for this scam and lost their money as a result.

Still, to be on the safe side, it is always best to download applications only from legitimate sources and to be suspicious of any link or attachment received by email.

Malware Targeting Android Devices in The Future

GoldDigger is characterized by its use of Virbox Protector, a software program that specializes in advanced obfuscation and encryption. This is what sets GoldDigger apart from its competitors.

By making their malicious code difficult for cybersecurity experts to decipher and understand, the malware developers have taken an inventive step toward evading standard fraud detection systems. Group-IB has the Fraud Protection suite that can detect GoldDigger's presence, perhaps for more reasons than one.

Balancing Promise and Pitfalls: Integrating AI into Cybersecurity

 

In the rapidly evolving digital landscape, the emergence of AI-driven cybersecurity offers a groundbreaking defense against modern cyber threats. However, alongside its celebrated capabilities lies a less-discussed aspect: the hidden costs and challenges associated with Artificial Intelligence (AI). 

The Potential of AI in Cybersecurity

In today's digital era, the surge in cyber threats poses a formidable challenge to even the most fortified institutions. Enter AI-enhanced cybersecurity, hailed as the future of digital defense. It brings a host of compelling advantages:

1. Predictive Threat Identification: Unlike traditional security measures, AI proactively identifies and predicts potential threats by analyzing extensive datasets, ensuring early interception.

2. Swift Automated Response: AI-powered systems offer instantaneous responses upon threat identification, drastically reducing an attacker's window of opportunity.

3. Adaptation through Experience: AI's strength lies in its adaptability. Thanks to machine learning, AI systems refine their threat recognition based on historical data, strengthening defenses after each encounter.

4. Efficient Data Processing: AI effortlessly navigates through vast data streams, extracting valuable insights and red flags at lightning speed, a task nearly impossible for manual scrutiny.

5. Customized Security Protocols: AI-driven tools provide tailored solutions, aligning with an organization's specific digital nuances. Over time, these tools refine their defense mechanisms to mirror the distinct digital blueprint of a company.

6. Long-term Financial Benefits: Despite initial capital investment, automation and superior threat detection capabilities of AI can lead to significant cost reductions. Decreased breach instances translate to reduced financial impact, while automation can alleviate workforce expenses.

While these advantages are compelling, it is imperative to acknowledge the challenges inherent in AI-driven cybersecurity. The subsequent sections explore these challenges, underscoring the need for a balanced approach and thorough due diligence before wide-scale adoption.

The Costs of Implementing AI in Cybersecurity

Embracing AI-driven cybersecurity solutions represents a logical progression in fortifying digital defenses. Nevertheless, one must look beyond the high-octane promises and consider the financial and potential hidden costs of this transformation:

1. Initial Financial Investment: Implementing AI-driven tools requires a substantial upfront commitment, including the purchase of cutting-edge software, potential hardware upgrades, and integration costs.

2. Training & Expertise: AI is not a plug-and-play solution; it necessitates experts proficient in both cybersecurity and AI intricacies. Hiring or training such experts can be costly, especially in a competitive job market.

3. Ongoing Maintenance Costs: Unlike traditional solutions, AI-driven systems evolve, requiring regular adjustments, software updates, and addressing unforeseen challenges, all incurring additional expenses.

4. Data Dependency: AI's efficacy hinges on data availability. Accumulating, storing, and processing the vast amounts of data needed for efficient operation can lead to increased storage and data management costs.

5. Integration Challenges: Not all existing systems seamlessly mesh with new AI-driven solutions. Integration may require overhauls or intermediary solutions, adding to the financial burden.

6. False Positives & Operational Disruptions: In the early stages, AI tools may misinterpret legitimate activities as threats, causing operational disruptions and potential reputational damage.

7. Scalability Costs: As organizations grow, so do their data and digital operations. Ensuring that the AI system scales accordingly will demand additional investments in hardware and software upgrades.

While AI holds undeniable potential in redefining cybersecurity, a comprehensive cost-benefit analysis, considering immediate and long-term financial implications, should precede committing to this technological leap.

The Disadvantages and Limitations of AI in Cybersecurity

AI in cybersecurity offers innovative solutions and heightened defenses, but it is imperative to acknowledge its limitations:

1. Over-reliance on Technology: Relying too heavily on automated systems can lead to complacency, as no system is infallible, and human oversight remains crucial.

2. Vulnerability to Data Manipulation: Malicious actors can tamper with data to deceive AI systems, potentially leading to incorrect threat assessments.

3. Lack of Contextual Understanding: AI excels at analyzing patterns but lacks human contextual understanding, potentially resulting in false positives or overlooking subtle threats.

While AI offers an advanced arsenal in the fight against cyber threats, it is not a panacea. Organizations must be aware of its limitations and maintain a balanced, multifaceted approach to cybersecurity that integrates both AI-driven and traditional defense mechanisms.

Striking the right balance

Harnessing the power of AI in cybersecurity can elevate an organization's defenses. To reap the benefits and avoid potential pitfalls, a strategic and well-informed approach is essential. Here are the best practices for a seamless and influential union of AI and cybersecurity:

1. Begin with Clear Objectives: Define your goal before implementing AI. Whether streamlining threat detection or automating tasks, clarity ensures alignment with security goals.

2. Choose the Right Tools: Select AI-driven cybersecurity tools with proven track records and capabilities that address your unique challenges.