The next time you check in to a hotel, a cybercriminal could be checking you out. A remote access computer Trojan (RAT) designed to steal credit card details from hotel point-of-sale (PoS) applications is being sold on the underground forums, according to researchers from security firm Trusteer.
Trusteer, the world’s leading provider of secure web access services, detected these schemes and says hotel poaching is a virile trade in underground and tech forums. Attack codes can be purchased in Visa underground forums for $280 and the spyware cannot be detected by anti-virus software. The package even includes a manual loaded with tips on how the poacher can trick the desk clerk into loading the spyware for them.
Malware writers often repackage their malicious installers with new algorithms in order to evade signature-based antivirus detection, said Bogdan Botezatu, a senior e-threat analyst at antivirus vendor BitDefender.
"The fact that the RAT's creator decided to target the hospitality industry is consistent with a recently observed change in the focus of cybercriminals - an expansion from online banking attacks to attacks against PoS systems, Criminals are increasingly expanding the focus of their attacks from online banking targets to enterprises," said Trusteer's CTO Amit Klein.
While this credit card scam seems nearly impossible to detect and prevent, you can keep your finances, and identity, in check by routinely monitoring your bank balances, and reporting any suspicious or unauthorized transactions to your bank immediately.