Hackers Are Now Targeting Restaurant Chains
Recent malware attempts could put customers' information at risk.
In 2017, the NSA has been hacked. The CIA has been hacked. Verizon has been hacked. Virgin American has been hacked. iCloud has been hacked. But now, the hackers have gone too far—because they've hacked restaurant chains across the US.
Well, almost. Hackers dubbed Carbanak—who have previously stolen information from other hospitality industries, including retail and merchant services—are trying to infiltrate chain restaurants so they can steal passwords, execute commands, and more, according to ZDNet, which appears to have broken the news to media today. (Chipotle's payment system was also hacked earlier this year, and thusfar it's unclear if this is a related incident.)
Researchers at Proofpoint discovered the backdoor hack, an attack on Windows operating systems. However, the names of any potentially breached chains were not mentioned in ZDNet or Proofpoint's reporting.
Here's how the hacking ruse works: an email sent from an Outlook or Gmail account alerts a restaurant about information on a previously discussed check in a Word document, Proofpoint explains. The email promises the attachment "is encrypted by Outlook Protect Service," but of course, it's not. The attachment is instead a virus.
So what's this virus capable of? ZDNet says it has "anti-sandbox functionality and anti-analysis obfuscation," and is "also capable of retrieving infected system information, listing running processes, execution of custom commands, and PowerShell Scripts, uninstalling and updating itself and taking screenshots."
If that sounds like a lot of garblely-gook—which we understand—consider this: the virus can also infiltrate passwords, and that could lead to sensitive information being released or held ransom, as we've seen in many other ransomware attacks.
For now, your information seems safe. But this is one story those who frequent restaurants—and especially chain restaurants—will want to follow closely.