Today > 1 Critical | 6 High | 24 Medium vulnerabilities   -   You can now download lists of IOCs here!

Telekopye transitions to targeting tourists via hotel booking scam

Nov. 18, 2024, 5:03 p.m.

Description

ESET researchers have discovered that Telekopye, a Telegram-based toolkit used by cybercriminals to scam people on online marketplaces, has expanded its operations to target users of popular accommodation booking platforms like Booking.com and Airbnb. The scammers, referred to as Neanderthals, now utilize compromised accounts of legitimate hotels to contact potential victims with fake payment issues. This new scam scenario provides personalized, legitimate-looking information, making it harder to detect. The scammers have also implemented advanced features such as automated phishing page generation, interactive chatbots with translation capabilities, and anti-DDoS measures. Recent law enforcement operations have shed light on the groups' recruitment practices, revealing a dark side to their operations.

Date

Published: Nov. 17, 2024, 12:25 a.m.

Created: Nov. 17, 2024, 12:25 a.m.

Modified: Nov. 18, 2024, 5:03 p.m.

Attack Patterns

Telekopye

Telekopye

T1056.003

T1586.002

T1585

T1583.001

T1585.002

T1587.001

T1589

T1588.002

T1566.002

Additional Informations

Retail

Hospitality

Finance

Czechia

Ukraine

Russian Federation