Latest News: Technology |  Celebrity |  Movies |  Apple |  Cars |  Business |  Sports |  TV Shows |  Geek

Trending

Filed under: News

 

BlackPOS Malware Used In Target Attack On +70 Million Customers Retails For $1,800

Jan 15 2014, 11:11pm CST | by

10 Updates
BlackPOS Malware Used In Target Attack On +70 Million Customers Retails For $1,800
Photo Credit: Forbes
 
 

Comments

Full Story

BlackPOS Malware Used In Target Attack On +70 Million Customers Retails For $1,800

The massive data breach at Target during the 2013 holiday shopping season which the retailer now admits affected from 70 to 110 million customers used an inexpensive “off the shelf” malware available online for as little as $1,800 reports title="krebs on security on target malware attack">Krebs on Security . This malware, known as BlackPOS is likely of Russian origin and may have also been involved in the Neiman Marcus attack—and others allegedly known but not confirmed.

The malware was surreptitiously installed on the embedded Windows OS computers on the point of sale (POS) terminals in all of Target’s U.S. stores. The company’s Canadian outlets apparently use a different software system and were not targeted in the attacks. Although the magnetic stripe information is encrypted on its way out of these POS terminals on its way to the financial institutions for verification, the data is briefly stored in plain text in the unit’s RAM (memory.) Thus, the malware “scrapes” this info from the RAM and stores it until it can be retrieved in batches through a persistent remote connection.

The real weakness, though, is not in the POS terminals but in Target’s central data network. The crooks apparently had an open channel to every POS terminal in every Target store for over two weeks! The price of the malware itself indicates that it’s not rocket science, but neither, I guess, is cracking the whole network.

The POS terminals themselves can be replaced with newer models that encrypt end to end. This will be expensive, but nothing, obviously, compared to the hit that Target has taken thus far. It is surprising that its overall network is so open. The same things that make for convenient remote administration also create huge security holes. WiFi networks have been implcated in previous larger retail breaches, but Target has not specified the vector of the attack. All that Target CEO Gregg Steinhafel was willing to tell CNBC in an interview on Saturday was that, ”We don’t know the full extent of what transpired, but what we do know is that there was malware installed on our point-of-sale registers. That much we’ve established.’”

According to Reuters , “smaller breaches on at least three other well-known U.S. retailers took place and were conducted using similar techniques as the one on Target.” Brian Krebs of Krebs on Security says he is not ready to confirm this but assures that “when and if I have information about related breaches I feel confident enough about to publish, you will read about it here first.” I’ll be looking for that any day now…

– – – – – – – – – – – – – – – – – – – –

To keep up with Quantum of Content , please subscribe to my updates on Facebook , follow me on Twitter  and App.net  or add me on Google+ .

Source: Forbes

 

iPad Air Giveaway. Win a free iPad Air.

You Might Also Like

Updates


Sponsored Update

Update: 10

4 Firms In Iskandar Malaysia Get Facilitation Fund Totalling RM16.2 Million

Source: Malaysia Today

(Bernama) – Four companies have received the facilitation fund amounting to RM16.2 million from TERAJU@Iskandar Malaysia in an information sharing programme on business opportunities and assistance ...
Source: Malaysia Today   Full article at: Malaysia Today 4 days ago, 7:42am CDT
 


Advertisement


Update: 9

Selangor’s Watergate about to explode

Source: Malaysia Today

Anwar brought Wan Azmi to meet Khalid to try to resolve this matter. Anwar supports the RM2.5 billion claim but Khalid is stubbornly sticking to the figure of RM250 million.... READ ...
Source: Malaysia Today   Full article at: Malaysia Today 5 days ago, 4:12am CDT
 

More From the Web

Update: 8

GLCs told to provide RM7 billion to develop Bumiputera firms

Source: Malaysia Today

(The Malaysian Insider) – Putrajaya has directed government-linked companies (GLC) to generate RM7 billion in business opportunities for Bumiputera firms this year, Prime Minister Prime Minister Datuk Seri Najib R ...
Source: Malaysia Today   Full article at: Malaysia Today Jul 17 2014, 2:05am CDT
 

Update: 7

Rafizi shows proof of Putrajaya’s hand in contentious carpet-trader loan

Source: Malaysia Today

Eileen Ng, The Malaysian Insider PKR lawmaker Rafizi Ramli today revealed documents to prove Putrajaya interfered in the RM32 million Bank Rakyat loan to ‎controversial businessman Deepak Jaikishan. Rafi ...
Source: Malaysia Today   Full article at: Malaysia Today Jul 16 2014, 2:16am CDT
 

Update: 6

PAS MP claims Bank Rakyat loaned carpet-trader RM215m, interest free

Source: Malaysia Today

(Malay Mail Online) – Controversial businessman Deepak Jaikishan (pic) was given a whopping RM215 million interest-free loan from state-owned Bank Rakyat, a PAS lawmaker alleged today, despite Putrajaya’s claims otherwise ...
Source: Malaysia Today   Full article at: Malaysia Today Jul 14 2014, 5:52am CDT
 

Update: 5

MRCB, Nusa Gapurna and PKNS settle suit over RM3 billion PJ Sentral project

Source: Malaysia Today

(The Malaysian Insider) – Malaysian Resources Corp Bhd (MRCB), Nusa Gapurna Development Sdn Bhd (NGD) and PKNS Holdings Sdn Bhd have reached an out-of-court settlement over the own ...
Source: Malaysia Today   Full article at: Malaysia Today Jun 21 2014, 2:53am CDT
 

Update: 4

Story behind Syed Mokhtar’s ‘RM2.25 billion tax-exempt’ Bernas deal revealed, says PKR MP

Source: Malaysia Today

(The Malaysian Insider) – An innocuous written reply in Parliament has provided a peek into the cosy relationship between the Najib administration and Malaysia’s best-known businessman, Tan Sri Syed M ...
Source: Malaysia Today   Full article at: Malaysia Today Jun 15 2014, 12:56pm CDT
 

Update: 3

Constitutional monarchy still murky concept

Source: Malaysia Today

After the RM4.5 billion land sale, the Sultan of Johor secured a 15% stake in MOL Access Portal (MOL) for RM396 million and took a 20% st ...
Source: Malaysia Today   Full article at: Malaysia Today Jun 14 2014, 12:37am CDT
 

Update: 2

Sultan of Johor’s RM4.5 bil backlash?

Source: Malaysia Today

Has Sultan Ibrahim of Johor’s succession of big money deals over the last six months caused the tide of public opinion to turn against Johor’s royal palace? KiniBiz examines the... READ MORE ...
Source: Malaysia Today   Full article at: Malaysia Today Jun 11 2014, 8:49am CDT
 

Update: 1

Putrajaya denies carpet dealer given interest-free loan

Source: Malaysia Today

Eileen Ng, The Malaysian Insider Putrajaya today refuted allegations that Bank Rakyat had allowed carpet dealer Deepak Jaikishan to repay a RM32 million loan without interest ...
Source: Malaysia Today   Full article at: Malaysia Today Jun 11 2014, 5:44am CDT
 

Shopping Deals

 
 
 

<a href="/latest_stories/all/all/31" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

 

Comments

blog comments powered by Disqus

Latest stories

Lenovo IdeaPad Flex 15 Touchscreen Ultrabook is Great for Back to School
Lenovo IdeaPad Flex 15 Touchscreen Ultrabook is Great for Back to School
Lenovo IdeaPad is available at Amazon for $649.99. For back to school the new Lenovo Flex 15 is a great notebook. Be sure to buy yours today. Introducing the Lenovo Flex 15 - it's more than just a typical notebook....
 
 
ASUS K200MA-DS01T Touchscreen Laptop is a Great Back to School Laptop
ASUS K200MA-DS01T Touchscreen Laptop is a Great Back to School Laptop
ASUS K200MA Touchscreen laptop is available at Amazon for $299.99. Now is the time to start getting ready for baack to school. So if you are in the market for laptop for your student check out the ASUS K200MA. Everyday...
 
 
Back to School Time is Here Make Sure Your Student is Ready with the Acer Chromebook Touch
Back to School Time is Here Make Sure Your Student is Ready with the Acer Chromebook Touch
Acer Chromebook Touch is available at Amazon for $260.39. It is that time of year again time for school time to start. Be sure your student is ready with the Acer Chromebook with touch. Acer introduces its first...
 
 
ASUS Transformer Book T100TA-H2-GR Laptop is Perfect for Back to School
ASUS Transformer Book T100TA-H2-GR Laptop is Perfect for Back to School
ASUS Transformer T100TA-H2-GR is available at Amazon for $449.99. With a 10” detachable tablet, the ASUS Transformer Book T100 is the ultimate 2-in-1 portable notebook. It’s light as ever, but packs 64GB SSD storage on...
 
 
 

About the Geek Mind


Read more about The Geek Mind.