Security firm Trusteer has uncovered a new remote access computer Trojan (RAT) for sale on a black market forum. It is designed to steal credit card and billing information from hotels. For $280, you can purchase the RAT along with instructions on how to scam front desk managers into installing the program.
According to the seller, the malware will not be detected by any antivirus program. Many malware writers repackage their installers with new algorithms to evade most signature based antivirus detection. This allows the repackaged samples to be delivered by e-mail or instant messaging, which is not stopped by the network perimeter.
There is currently a shift in targets for cyber criminals. Instead of focusing on online banking attacks, many are turning to POS, or point of sale, systems. Hotels are increasingly being targeted because of their lack of IT knowledge and the large amount of credit card information they deal with on a daily basis.