Menu
This malware attack starts with a fake customer-service call

This malware attack starts with a fake customer-service call

The hackers call hotels, then send email attachments that look like customer information

Hotel and restaurant chains, beware. A notorious cybercriminal gang is tricking businesses into installing malware by calling their customer services representatives and convincing them to open malicious email attachments.

The culprits in these hacks, which are designed to steal customers’ credit card numbers, appear to be the Carbanak gang, a group that was blamed last year for stealing as much as $1 billion from various banks.

On Monday, security firm Trustwave said that three of its clients in the past month had encountered malware built with coding found in previous Carbanak attacks.

This particular campaign has been preying on the hospitality industry, said Brian Hussey, Trustwave’s global director of incident response. The hackers start by calling a business’s customer service line and pretending to be clients who can’t access the online reservation system.

To spread the malware, the hackers also send an email to the customer service agent with an attached word document purportedly containing their reservation information. In reality, this document is designed to download malware to the computer.

The hackers are very persistent, Hussey said. “They’ll stay on the line with the customer service rep until they open up the attachment,” he said. “They have excellent English.”

The hackers can also be very convincing. They appear to be researching their targets on business networking site LinkedIn and finding out the names of company department heads.  “During the call, they’ll do some name-dropping to establish credibility,” Hussey said.

Once the malware is installed, it can download other malicious tools to tamper with the rest of a business’s network. The goal of the attack is to record credit card numbers from point-of-sale machines or e-commerce payment processes, according to Hussey.

In recent years, retailers, restaurants and hotels all have been hit by similar attacks intended to steal payment card data. The malware in this case is more broad-reaching than most. It includes the ability to snap screenshots from the desktop, steal passwords and email addresses and scan a network for valuable targets.

Most, if not all, antivirus engines have failed to detect the malware used in these hacks, according to Trustwave. 

"We've talked to our law enforcement contacts, and they are seeing the same thing," Hussey said. 

In a blog post, TrustWave outlined the technical details of the malware and other indicators that businesses can use to determine if they’ve been compromised.

“Once this malware finds what it wants, it can steal every single credit card that passes through your servers,” Hussey said. “For a large restaurant chain, that can be a million customers over a period of time.”


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

Meet the leading female front runners of the Kiwi channel

Meet the leading female front runners of the Kiwi channel

Reseller News honoured the leading female front runners of the New Zealand channel at the 2018 Women in ICT Awards (WIICTA) in Auckland. The awards honoured standout individuals across seven categories, spanning Entrepreneur; Innovation; Rising Star; Shining Star; Community; Technical and Achievement.

Meet the leading female front runners of the Kiwi channel
Meet the top performing customer-centric Microsoft channel partners

Meet the top performing customer-centric Microsoft channel partners

Microsoft honoured leading partners across the channel following a year of customer innovation and market growth in New Zealand. The 2018 Microsoft Partner Awards recognised excellence within the context of the end-user, spanning a host of emerging and established providers.

Meet the top performing customer-centric Microsoft channel partners
Reseller News launches new-look Awards at 2018 Judges’ Lunch

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Introducing the Reseller News Innovation Awards, launched to the channel at the 2018 Judges’ Lunch in Auckland. With more than 70 judges now part of the voting panel, the new-look awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors.

Reseller News launches new-look Awards at 2018 Judges’ Lunch
Show Comments