Sept. 01 – An increasing number of cyber criminals are exploiting the Airbnb platform in order to profit from user accounts and stolen data.

A household name in the travel industry, Airbnb has become a target due to its global popularity. However, cyber security researchers have explained that the platform’s accessibility has also enabled cyber criminals to manipulate systems for their own gain.

Airbnb cyber attacks

Many of these cyber attacks rely on info-stealers, which surreptitiously infiltrate devices and harvest sensitive details, like login credentials. The stolen data is then transmitted to cyber criminals, who can freely login to accounts and take control.

Further research revealed the development of an underground cyber criminal marketplace, where persons with malicious intent can sell and purchase access to compromised devices, in bulk. As a result, cyber criminals can execute an even larger number of nefarious activities at-scale than ever before.

More on methodology

In some cases, cyber criminals purchase stolen Airbnb account cookies from dark web forums, enabling criminals to gain account access in the absence of a valid username and password.

The extent of the account theft has reportedly led to a devaluation of each compromised Airbnb account, with account access selling for as little as a dollar.

Further details

This story exemplifies how cyber criminals are continuously evolving their tactics. And even the most trusted of platforms can come with unforeseen risks. In other words, a proactive approach to cyber security and good cyber security hygiene are critical in today’s challenging digital landscape.

For more on this story, click here. Lastly, to receive more timely cyber security insights and cutting-edge analyses, please sign up for the cybertalk.org newsletter.