Cybercriminals have started a campaign of redirecting links placed on gaming sites and social media—and as sponsored ads—that lead to fake websites posing as Booking.com.
According to Malwarebytes research, 40% of people book travel through a general online search, creating a lot of opportunities for scammers. The first signs of the campaign showed up mid-May and the final redirect destination changes every two to three days. Following the links brings visitors to a familiar strategy where fake CAPTCHA websites hijack your clipboard and try to trick visitors into infecting their own device.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Poland says hackers breached water treatment plants, and the US is facing the same threat
May 8, 2026
Poland’s intelligence service said it detected attacks on five water treatment plants where hackers could have taken control of the industrial equipment inside, including, in the worst case, tampering with the safety of the water supply. The story is relevant beyond Poland’s borders: U.S. water infrastructure has faced similar threats in recent years. In 2021, a ...
- Worm rubs out competitor’s malware, then takes control
May 8, 2026
There’s a mysterious framework worming its way through exposed cloud instances removing all traces of TeamPCP infections, but it’s not benevolent by a long shot: Whoever is behind this bit of malware may be cleaning up who came before, but only so they can take their place. Discovered by security outfit SentinelOne’s SentinelLabs researchers and dubbed PCPJack ...
- ‘Dirty Frag’ Linux flaw one-ups CopyFail with no patches and public root exploit
May 8, 2026
Broken disclosure embargo left admins facing a fresh root-level flaw with no CVE A fresh Linux privilege escalation bug dubbed “Dirty Frag” has dropped into the wild with no patches, no CVE, and a public exploit that hands attackers root access across major distributions.Security researcher Hyunwoo Kim disclosed the local privilege escalation flaw on Friday after what he ...
- Police arrest SMS blaster crew that sent malicious messages to thousands across Toronto
May 7, 2026
Police have arrested and brought 44 charges against three men for allegedly operating an SMS blaster in downtown Toronto. The scheme, which began in November 2025, is the “first known instance” of an SMS blaster operating in Canada, according to the police report. In a statement, the Toronto Police Service said it believes tens of thousands of ...
- Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware
May 6, 2026
Researchers at Rapid7 say that they have spotted what they believe was an Iranian intelligence cyber unit masquerading as the Chaos ransomware gang to hide a state-sponsored espionage operation. The intrusion was spotted earlier this year, and investigators say breadcrumbs left behind give them “medium confidence” in saying it was the work of MuddyWater, which has ...
- DOJ says ransomware gang tapped into Russian government databases
May 6, 2026
A U.S. court has sentenced Latvian hacker Deniss Zolotarjovs to more than eight years in prison following his conviction for carrying out ransomware attacks. The Justice Department accused the hacker of working for a notorious Russian ransomware gang called Karakurt, which was led by former leaders of the Akira and Conti ransomware gangs, who were sanctioned ...