Target breach appears to be part of broader scam

Published on NewsOK Modified: January 16, 2014 at 7:16 pm •  Published: January 16, 2014
Advertisement
;

NEW YORK (AP) — The security breach that hit Target Corp. during the holiday season appears to have been part of a broader and highly sophisticated scam that potentially affected a large number of retailers, according to a report published by a global cyber intelligence firm that works with the U.S. Secret Service and the Department of Homeland Security.

The report, made public Thursday by iSight Partners of Dallas, offers more insight into the breach at Target. That attack affected 40 million credit and debit card accounts and led to the theft of personal information, including email addresses and names, of as many as 70 million customers.

The report said that a malicious program vacuuming personal data from terminals at store check-out stations was "almost certainly derived" from BlackPOS, a crude but effective piece of software that contained malware scripts with Russian origins.

"The use of malware to compromise payment information storage systems is not new," the report said. "However, it is the first time we have seen this attack at this scale and sophistication."

Starting in June, iSight noticed the malicious software codes on the black market, the report said.

Criminals bought the original malware on the black market and then created their own attack method to target retailers' terminals at store checkout stations, iSight Partners' CEO John P. Watters said.

"It's less about the malware, but more about the sophistication of the attacks," Watters said in an interview with The Associated Press.

The report noted that because this kind of software can "cover its own tracks," it's not possible to determine the scale, scope and reach of the breach without detailed forensic analysis.

Continue reading this story on the...