Target attack part of wider hack affecting others, linked to teen in Russia

Target Attack Part Of Wider Hack On Six Other Stores, Linked To Teen In Russia

The Target (TGT) attack that has affected up to 110 million customers is part of a wider hack also impacting six other retailers, including Neiman Marcus, and is linked to a 17-year-old in St. Petersburg, Russia.

The revelation comes following an investigation by a cyber-crime company, which has linked the same malicious software that infected the point of sales machines at Target stores to six ongoing attacks on US retailers.

According to Andrew Komarov, chief executive officer of IntelCrawler, his company has informed law enforcement, credit card processors, and intelligence officials of their findings.

Komarov says payment card data was stolen during the Target attack, however he doesn’t know how much information hacker(s) gained access to.

The findings are indication that the two reported attacks are part of a wider assault on US customers’ data security.

On Thursday, the US government and private security intelligence company iSIGHT Partners warned merchants and financial services firms that the BlackPOS software — which was used against Target Corp. — has also been used in a series of other breaches at retailers. No further information on the current investigation was released.

Komarov told the news agency Reuters Friday that it had identified retailers in New York and California as victims of the same hack that Target was attacked with. No names were made public.

BlackPOS is a malicious software developed by a hacker known as “Ree4” — who is believed to be 17-years-old — and, according to IntelCrawler, lives in St. Petersburg, Russia.

The reports indicate the teen sold the program to cyber-criminals who launched the attack on Target and other merchants. Komarov says he has been monitoring the user since March.

Even though Komarov didn’t reveal his sources, he shared that he monitors criminal forums where “Ree4” sells his software and came across a chat with a client, which he shared on the website.

Following the revelations that Target had been the victim of the cyber attack, the company disclosed that 40 million customers had been affected by the breach and earlier this month informed 70 million additional customers records had been stolen, including PIN numbers, passwords, and other personal information.

Last week, Neiman Marcus also said that it had been attacked in a similar way and sources say at least three other well-known retailers have been hacked by the same software.

John Watters, chief executive of iSIGHT Partners, says the attacks will only grow, warning that copycats will try to do the same with software that can be easily purchased in the online black market.

“They are saying: ‘This is a great idea.'” Watters says.

The Target and Neiman Marcus attacks were successful infecting the Windows based point of sale systems and avoiding detection by antivirus software installed by the retailers. Target has offered free credit reporting for customers affected.

Comments