RAT Malware Steals Credit Card Data Maintained at Hotels

Experts at Trusteer the security company are alerting of one RAT (Remote Access Trojan) that captures credit card data maintained on POS (point-of-sale) software in hotels, and which's getting sold for $280 on illegal websites.

CTO Amit Klein at Trusteer stated that the Trojan was created for hijacking computers at hotels' reception desks. If loaded, it downloaded one spyware, hard for detecting, which seized screenshots out of POS software, particularly for sneakily filching credit card details, including their expiration dates, he described. Scmagazine.com published this dated April 19, 2012.

The $280 cost of the Trojan includes customer service as well for the buyer, comprising directions on how to use the malware as well as apply social engineering through Voice-over-Internet Protocol for so tricking hotel receptionists that they will load the Trojan on their computer systems. The RAT can as well get loaded through instant messages or spear-phishing e-mails alternatively, through 'drive-by downloads' pushed from malicious websites, Trusteer enumerates.

For demonstrating that the RAT combined with the spyware works, a screenshot was captured via the RAT loaded on the POS system, an internationally biggest hotel uses. This remotely-captured screenshot displayed the POS software as containing a large database of customer details that were jotted down during check-ins.

Furthermore, the spyware was undetectable by anti-virus programs, implying it could keep carrying out its malicious tasks unidentified, which indeed evokes concern.

Meanwhile, the majority of RATs upload or download files, intercept keystrokes, as well as execute arbitrary malware that help them to carry out various cyber-criminal operations.

Over the recent past, the RAT hit the hospitality sector very hard. For instance, a glamour-studded hotel in Albany, New York also used for holding conferences and weddings, The Desmond declared in March 2012 that a database of its guests' credit card details collected during the period May 21, 2011-March 10, 2012 might've been lost to hackers.

Cyber-criminals are intensifying their attacks more-and-more on business centers, particularly hotels rather than stick to banking targets. An explanation for this lies in large-business computers that have the capacity to foment exceedingly lucrative digital assets, once the systems are compromised, state specialists.

Related article: Red Condor Alerts Users of a New Virus in a Twitter Invitation

» SPAMfighter News - 4/26/2012