Friday, January 24, 2014

Target's Card-Theft Code and How it Evolved

The malicious software that infected Target Corp. popped up in January 2013 with a price tag of $2,000 and spent nearly a year evolving in the Internet's black markets before an unknown attacker slipped it into the retailer's computer systems. 
That life cycle, pieced together by security firms that track down and identify dangerous software, shows the new nature of the threat faced by American retailers hoping to defend themselves from attacks like that at Target, which compromised 40 million credit and debit cards over the holidays.
Security experts say computer intrusion has evolved from the work of solitary hackers or groups of hackers into an industry in which rogue programmers develop tools they can sell on an increasingly formal online marketplace. The buyers, often tied to organized crime, are in turn bringing greater sophistication and ambition to their efforts.
The targets, increasingly, are American retailers, which continue to rely on magnetic-stripe credit-card technology that is less secure than the chip-based cards that have been used for years in Europe. Luxury retailer Neiman Marcus Group also suffered a data breach over the holidays. On Tuesday, sporting-goods maker Easton-Bell Sports Inc. said it too was attacked, with data from around 6,000 online shoppers stolen during December.
The new trend "is to move directly against these massive storage databases for credit cards," said Dmitri Alperovitch, chief technology officer of security firm Crowdstrike Inc., and an expert in Russian-speaking cybercriminals. In the past, Russian-speaking hackers tended to focus on fraud through email scams or other unsophisticated attacks, he said.
An early version of the malicious computer code that many experts believe hackers used on Target's sales terminals was spotted in January 2013 by computer security firm Symantec Corp. and multiple security firms familiar with the retail hacks.
Symantec dubbed the malware Reedum. Other security firms that spotted it took to calling it Kaptoxa, a Russian slang word for potato. By February, a version of the software was being offered on hacker forums for around $2,000, advertised for stealing payment-card numbers, according to cybersecurity experts who were tracking the malware.
The Reedum malware worked like a Trojan horse by hiding its malicious nature and compromising systems from inside. According to iSight Partners Inc., once injected into retailers' computer systems, the software would seek out payment programs and monitor for the data on cards' magnetic stripes, which during the authorization process would be unencrypted and stored in the payment system's memory.