Russian-developed code behind Target data breach

The malware responsible for the data breach at US retailer Target had been written in Russian, a new report revealed.

Security researchers at US-based cyber intelligence firm, IntelCrawler, revealed that the data breach carried out as part of operation described as Kaptoxa, used low-cost malware known as BlackPOS, which was developed by a 17 years old Russian in March 2013.

The report also added that the same malware might be involved in the Neiman Marcus attack.

Initial infections were identified in Australia, Canada and then in the US, while a number of copies of BlackPOS/Kartoxa were also sold in source codes.

The online security firm iSIGHT Partners assisted the research and create the report, together with the Department of Homeland Security, the US Secret Service and the Financial Services Information Sharing and Analysis Centre.

iSIGHT report noted: "The use of malware to compromise payment information storage systems is not new.

"However, it is the first time we have seen this attack at this scale and sophistication," the security firm added.

"This software contains a new kind of attack method that is able to covertly subvert network controls and common forensic tactics, concealing all data transfers and executions that may have been run, rendering it harder to detect.

"Many retail organisations may not know that they have been infected, or that they have already lost data."

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing