September 8, 2014

Alleged Home Depot breach may have involved Target malware

BlackPOS virus is apparently run by cybercriminals who hate the United States.

By Jimmy Nicholls

An alleged payment cards breach against the American DIY chain Home Depot involved the same malware as that used against the retailer Target, according to sources who spoke to security blogger Brian Krebs.

A report on Krebs's website claimed that BlackPOS, also called Kaptoxa, had infected store registers, enabling card details to be stolen upon swiping.

A new strain of the malware was discovered in the wild by security firm Trend Micro in late August, and is said to have improved card-capturing capacity and the ability to disguise itself as an antivirus component.

Rhena Inocencio, threat response engineer at Trend Micro, said: "In one of the biggest data breaches we’ve seen in 2013, the cybercriminals behind it offloaded the gathered data to a compromised server first while a different malware running on the compromised server uploaded it to the FTP.

"We surmise that this new BlackPOS malware uses the same exfiltration tactic."

Alongside the capacity to steal card details, the malware also contains links to media hostile to the US, including a cartoon of a matchbox emblazoned with the American flag stood alongside Molotov cocktails bearing the flags of Ukraine, Syria, Egypt and Libya.

A previous investigation by Krebs linked the cybercriminal Rescator, responsible for selling card details taken from Target, to propaganda supporting Libyan despot Muammar Gaddafi.


Home Depot has released a statement saying it is investigating unusual activity in conjunction with banks and police, but has not confirmed a breach.

The attack on Target during the winter of last year is thought to have cost the retailer $148m, and prompted the departure of the firm’s chief information officer and chief executive.
