INDUSTRY WATCH
THE END GOAL IS TO GET ACCESS TO ACCOUNTS WITH REWARD POINTS AND SELL IT .
Check Point Research reveals a growing industry selling credentials to stolen hotel and airline accounts . The end goal is to get access to accounts with reward points and sell it . Check Point Research provides examples including dedicated brute forcing tool used to steal accounts , stolen credentials on sale and travel agents selling discounted flights retrieved using stolen airline and hotel accounts .
With airline prices skyrocketing these days , amidst the global inflation , people are always seeking last minute sales , special offers and will usually be tempted to follow any lucrative offer that will decrease the heavy prices we all need to pay towards our next vacation .
It seems that hackers and cybercriminals leverage this , as always , in their quest to maximise profits and leverage a need that requires a resolution .
Another tactic is the creation of travel agencies in Russian hacking underground markets . These agencies offer flight tickets and hotel bookings at 45 – 50 % discounted prices . However , these deals are ordered using stolen accounts from hotels , airlines , and other travel-related websites .
We also present examples of phishing , Vietnam Airlines and malspam , SouthWest examples impersonating airlines . In the graphic , you can see that the market platform offers tickets of leading global airlines .
Stolen accounts with reward and flight points
Here we show what is being offered , when requesting to purchase accounts which includes points in them . As the screenshot shows , an American Airlines account holding 1,500,000 + points are sold for $ 435 .
In this report , Check Point Research turns a spotlight into what seems like a growing phenomenon , in which cybercriminals are offering a variety of deals for those who seek to cut back on their expenses , while trying to get to their vacation ’ s destination .
Reward points that are not your own
Our researchers present examples to what seems to be a growing market on alternative pathways in which threat actors and cybercriminals offer their goods , using stolen credentials to airline and hotel personal accounts , or accumulated rewards that can be used to buy tickets or hotel nights .
One method cybercriminals use is offering stolen credentials of hotel and airline accounts that have accumulated reward or flight points . These stolen credentials are offered for free or for sale on hacking Darknet forums . Examples of such accounts include hotels like Marriott , Delta , and AA . Cybercriminals also use a dedicated brute forcing tool to steal accounts from Radisson Hotel with the end goal of accessing accounts with reward points or linked payment cards .
Specifically interested in Radisson account rewards Don ’ t worry , these guys will sell you the tool to brute force any account and get its captured points ! A brute force tool is a type of software or program used to crack or guess a password or encryption key by attempting every possible combination of characters until the correct one is found . Brute force tools are often used by hackers to gain unauthorised access to computer systems , networks , and online accounts .
Travel agents selling reduced prices tickets
Patriarch service is offering buyers 45 – 50 % reduced prices off an original booking that can be found on legitimate booking outlets around the net . These reduced prices are received using stolen accounts of airlines and hotels obtained by the operating cybercriminals who offer these services .
The advertisement which appears on the Darknet , originally in Russian , here also translated to English by Check Point Research offering tickets for worldwide
www . intelligentcio . com INTELLIGENTCIO MIDDLE EAST 73