Sergey Taraspov from St.Petersburg is believed to be the architect of the malware that hacked up to 110 million Target customers
Taraspov, who goes by the online nickname need4, developed the malicious software known as BlackPOS that was used to skim credit card numbers and other personal information from millions of shoppers at Target, Neiman Marcus and other retailers.
RUSSIAN TEEN ‘MADE SOFTWARE USED IN TARGET HACK THAT STOLE 110 MILLION CREDIT CARD NUMBERS
17-year-old allegedly wrote code that gave hackers access to Target's point of sales system and all its cash registers, with almost all of Target's 1,797 stores in the U.S. targeted as 40,000 credit card swipe machines were hacked
Mail Online
January 18, 2014
A baby-faced teenager is the key suspect behind the software that was used in the massive security breach at Target over the holidays.
As many as 110 million Target shoppers had their credit card details stolen after a computer program was written to collect the credit card details of shoppers.
The data theft, unprecedented in its scale, took place over a 19-day period that began the day before Thanksgiving. Target said that it identified and resolved the issue on December 15.
It is thought hackers obtained the data by remotely installing software on 40,000 credit card machines in nearly all of Target's 1,797 stores nationwide.
It's also thought the malicious software, or malware, has infected the payment systems of six other retailers too.
The firm, IntelCrawler, which has tracked the malware’s architect for months, believes the main suspect to be a 17-year-old Russian.
He’s a 17-year-old with 'roots' in St.Petersburg, Russia, who goes by the online nickname 'ree4,' according to the report and conversations with executives from IntelCrawler.
IntelCrawler CEO Andrew Komarov didn’t accuse the young man of the Target heist but said he believes he developed the software used to skim credit card numbers and other personal data from millions of Target shoppers.
The malware, known as BlackPOS, has been downloaded at least 60 times since it was created, Komarov said.
IntelCrawler has alerted US authorities and Visa of the fresh attack targets, Komarov said. The firm began detecting large-scale cyber attacks on point-of-sale terminals across the U.S., Canada and Australia in early 2013. The company is not aware of any non-U.S. retailers now being attacked with BlackPOS software, Komarov said.
The CEO began investigating the malware case in March at the request of banking clients and pretended to be a 'bad actor' seeking to acquire the BlackPOS software.
The architect was selling the malware for $2,000 a time, but offered discounts to buyers who agreed to split the profits they reaped from the product.
After Target revealed that its massive security breach was due to BlackPOS, Komarov went back to track down the architect’s ID.
The Target attack has potentially compromised 40 million card accounts with some 70 million shoppers’ email and other personal information also stolen from a separate system during the security breach.
Target has advised its customers to check their statements carefully. Those who see suspicious charges on the cards should report it to their credit card companies and call Target at 866-852-8680.
No comments:
Post a Comment