“I Paid Twice” Scam Infects Booking.com Users with PureRAT via...

Description

Cybersecurity firm Sekoia reports a widespread fraud where criminals compromise hotel systems (Booking.com, Expedia and others) with PureRAT malware, then use stolen reservation data to phish and defraud guests.

Visit Original Source

Basic Information

ID HACKREAD:2FB634F22221835330947D637FA07B25

Published Nov 7, 2025 at 15:50

{
    "lastseen": "2025-11-07T16:43:40",
    "description": "Cybersecurity firm Sekoia reports a widespread fraud where criminals compromise hotel systems (Booking.com, Expedia and others) with PureRAT malware, then use stolen reservation data to phish and defraud guests.",
    "published": "2025-11-07T15:50:09",
    "modified": "2025-11-07T15:50:09",
    "type": "hackread",
    "title": "\u201cI Paid Twice\u201d Scam Infects Booking.com Users with PureRAT via ClickFix",
    "source": "",
    "references": "",
    "id": "HACKREAD:2FB634F22221835330947D637FA07B25",
    "bulletinFamily": "blog",
    "cwe": null,
    "cvelist": [],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 0,
        "severity": "NONE",
        "vector": "NONE",
        "version": "NONE"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://hackread.com/i-paid-twice-scam-booking-com-purerat-clickfix/",
    "category_name": "News",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

“I Paid Twice” Scam Infects Booking.com Users with PureRAT via ClickFix_HACKREAD:2FB634F22221835330947D637FA07B25

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply