MUST READ

Luxury hotel stays for just €0.01. Spanish police arrest hacker

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 85

 | 

Security Affairs newsletter Round 564 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog

 | 

PayPal discloses extended data leak linked to Loan App glitch

 | 

North Korean IT worker scam nets Ukrainian five-year sentence in the U.S.

 | 

FBI warns of surge in ATM Jackpotting, $20 Million lost in 2025

 | 

Red Card 2.0: INTERPOL busts scam networks across Africa, seizes millions

 | 

PromptSpy abuses Gemini AI to gain persistent access on Android

 | 

Germany’s national rail operator Deutsche Bahn hit by a DDoS attack

 | 

U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs

 | 

Irish regulator probes X after Grok allegedly generated sexual images of children

 | 

Intellexa’s Predator spyware infected Angolan journalist’s device, Amnesty reports

 | 

French Ministry confirms data access to 1.2 Million bank accounts

 | 

Notepad++ patches flaw used to hijack update system

 | 

VS Code extensions with 125M+ installs expose users to cyberattacks

 | 

China-linked APT weaponized Dell RecoverPoint zero-day since 2024

 | 

U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog

 | 

Keenadu backdoor found preinstalled on Android devices, powers Ad fraud campaign

 | 

Luxury hotel stays for just €0.01. Spanish police arrest hacker

Pierluigi Paganini February 22, 2026

Spanish police arrested a 20-year-old hacker accused of booking luxury hotel rooms worth up to €1,000 a night for just one cent before being caught.

Spanish police arrested a 20-year-old man in Madrid after allegedly manipulating the online payment system of a travel and hotel booking website to secure luxury hotel stays for just €0.01 per reservation. The scheme allowed him to book rooms costing up to €1,000 per night, causing more than €20,000 in losses to one hotel alone.

“He manipulated the online payment system and obtained reservations at high -end hotels , costing up to 1,000 euros per night, for minimal prices” reads the press release published by the Spanish National Police.

The investigation began on February 2 after a travel agency reported suspicious bookings on its website. Investigators found the suspect had sabotaged the integrated payment gateway, selecting a well-known international payment platform and launching a tailored cyberattack to alter the transaction validation process.

“The cybercriminal sabotaged the payment gateway system integrated into a hotel booking website. To do this, he selected the payment option through a well-known international electronic payment platform and, using a specifically designed cyberattack, altered the transaction validation process, causing the system to authorize the operation after entering only one cent.” continues the press release.

The system approved reservations as fully paid, while only one cent per booking was actually transferred. The fraud surfaced days later when the company received the minimal payments, revealing losses of about €20,000 in what police say is a previously unseen modus operandi.

After a detailed technical analysis, the police identified the suspect within just four days and arrested him while he was staying at a luxury hotel in Madrid. He had allegedly booked four nights at €1,000 per night and even consumed minibar items, leaving unpaid charges at some hotels. He was brought before judicial authorities on suspicion of computer fraud, and the investigation is still ongoing.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, luxury hotel payment hack)

Cybercrime Hacking hacking news information security news IT Information Security luxury hotel Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini February 22, 2026
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 85
Read more
Pierluigi Paganini February 22, 2026
Security Affairs newsletter Round 564 by Pierluigi Paganini – INTERNATIONAL EDITION
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Luxury hotel stays for just €0.01. Spanish police arrest hacker

Cyber Crime / February 22, 2026

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 85

Malware / February 22, 2026

Security Affairs newsletter Round 564 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / February 22, 2026

U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog

Security / February 21, 2026

PayPal discloses extended data leak linked to Loan App glitch

Data Breach / February 20, 2026