Spanish police arrested a hacker who allegedly manipulated a hotel booking website, allowing him to pay one cent for luxury hotel stays. He also raided the mini-bars and didn't settle some of those tabs, police say.

"This cyberattack was specifically designed to alter the payment validation system, and this is the first time we have detected a crime using this method," Spain's National Police told media outlets.

The man, a 20-year-old Spanish national, was arrested while staying at a Madrid hotel with a four-night reservation that carried a €4,000 ($4,716) price tag – unless you hacked the payment system, as this fraudster did. 

According to the cops, he stayed at this hotel several times, costing the business more than €20,000 ($23,608) in losses.

Police began investigating the suspect earlier this month after an unnamed online booking website reported suspicious activity. The transactions appeared normal, indicating the man paid the full amount – at first. 

• Moon hotel startup hopes you get lunar lunacy, drop $1M deposit for 2032 stay
• Kaspersky: RevengeHotels checks back in with AI-coded malware
• Polish cops nab 47-year-old man in Phobos ransomware raid
• Payroll pirates are conning help desks to steal workers' identities and redirect paychecks

Days later, however, when the site transferred the actual amount paid to the hotel, the payment-validation scam surfaced, indicating that the crook paid just one cent for rooms costing €1,000 ($1,179) per night.

Adding insult to injury, police said that the man also consumed mini-bar bottles and sometimes left those bills unpaid, too. 

While he may be facing a free stay at a mini-bar free, unluxurious facility for his alleged crimes, we have an idea for his next big vacay, post-prison: an inflatable moon hotel.

The definitely-going-to-happen hotel, slated to open in 2032, requires a deposit of either $250,000 or $1 million. No word on whether GRU Space, the hotel's operators, have received any one cent deposits – yet. ®