SlashNext’s report uncovers thousands of purchasable Airbnb accounts available on online platforms.
SlashNext, a cybersecurity and IT solutions company, reveals that Airbnb’s widespread popularity exposes it to cybercriminal activities such as scams, fake accounts, and fraudulent hosts.
These info-stealers, also used to gather ChatGPT credentials, infiltrate devices and send acquired logs to attackers. While they typically head to servers, SlashNext points out that delivery may happen via email or secure chat apps like Telegram in specific cases.
The primary focus is on Airbnb account cookies—compact files on users’ devices containing preferences and browsing history. Cybercriminals steal, buy, and sell these cookies on online platforms. This strategy grants momentary account access without needing usernames or passwords.
For example, hackers can buy stolen Airbnb cookie databases, load them into browsers, and secretly access victims’ accounts. They can then impersonate genuine users, making reservations or executing unauthorized actions discreetly. However, swift action is vital since session cookies usually expire quickly.
After obtaining access, cybercriminals aim to profit from the acquired data. A common approach involves directly selling account details to fellow cybercriminals on online forums or popular stores that facilitate such transactions.
SlashNext reveals that online marketplaces offer thousands of Airbnb accounts for purchase. The prevalence of Airbnb account theft has led attackers to sell “account checkers,” which are automated tools rapidly testing Airbnb accounts from a text file.
Story credit
