Carbanak Group Launches Stealthy Malware Campaign Targeting Point of Sale Devices

Cybercrime gangs are far more troublesome than most people give them credit for. One of those gangs, which goes by the name of Carbanak, is now targeting the hospitality and restaurant industries. By using social engineering techniques, they attempt to trick call center staff into downloading malware which affects point of sale terminals.

Carbanak Is Stepping up Their Game In A Big Way

Most people will recall the Carbanak name, as this band of cybercriminals stole US$1bn from banks and other financial institutions around the world a while ago. While some people would consider this big score a reason to rest on their laurels, the Carbanak group is not done just yet. In fact, it seems that they are back with a new plan.

To be more precise, the Carbanak members are now going after call centers related to restaurants and hospitality service providers. Credit card payments are very common at these locations, which makes them a prime target for online criminals. Retrieving sensitive payment information is not an easy task, although there are ways to make the job a lot easier.

By tricking staffers into downloading emails with malicious attachments, Carbanak can spread malware to point of sale devices. Once they have successfully done so, the malware logs every credit card processed by the terminal and sends that information back to the crime group. In fact, it appears that their victims are mainly US-based, for some unknown reason.




No expense is spared by the Carbanak group to execute these attacks. Not only are they directly calling support staff to execute their scam, but they even set up fake company websites to make their claims seem more legitimate. Additionally, they aim to build personal relationships with the people they call up in order to gain their trust over time.

Security researchers indicate that these new attacks began about six weeks ago. It remains unclear how successful Carbanak has been with this method, but their level of professionalism is a legitimate reason for concern. Three companies have been identified as potential victims of this trickery, and an internal investigation is underway as we speak.

Because the group has in-house developed malware at its disposal, it will be tough to thwart these attacks before they can cause big damage. The Carbanak team rewrote their own malware to avoid detection, and the new variants have not yet been examined. Such an “incredibly stealthy” malware campaign can cause a lot of damage in a short amount of time unless companies are prepared for it.


JP Buntinx
