A formidable new Trojan is threatening to eat up the hospitality sector. It’s the brainchild of infamous hackers Carbanak (aka FIN7), who have previously cut lucrative swathes through the financial community. Using Bateleur, a sophisticated new JScript backdoor Trojan, the hacking team is launching phishing attacks on restaurants to harvest passwords, screenshots and custom commands.
Security researchers suggest that this new attack weapon is packed with a menu of advanced features. For instance, it can deploy sandbox evasion and anti-analysis tricks to escape detection while it gobbles up more victims. It can also uninstall and update itself, as well as using a variety of techniques to bamboozle its unwitting targets into believing it’s legit.
Bateleur, which derives its name from a species of eagle, is not yet the finished article, but researchers caution that it is constantly evolving and adding new functionality that will give it ever more firepower and stealth.