- Netflix will remove controversial disaster footage from ‘Bird Box’ Sunday 4:04 PM
- J.K. Rowling’s latest ‘Fantastic Beasts’ reveal is bringing the memes Sunday 3:01 PM
- President Trump calls for government agencies to ‘look into’ ‘Saturday Night Live’ Sunday 12:18 PM
- How to stream Michael Conlan vs. Ruben Garcia Hernandez for free Sunday 11:00 AM
- ‘Pet Sematary’ is a bloodless remake of a Stephen King classic Sunday 10:50 AM
- Here’s the Marvel movie order list you didn’t know you needed Sunday 9:59 AM
- Where do 2020 Democratic candidates stand on weed? Sunday 7:00 AM
- How to stream ‘Billions’ season 4 for free Sunday 6:30 AM
- If you’re not using Vudu, you’re missing out Sunday 6:00 AM
- Everything you need to know about WhatsApp Sunday 5:30 AM
- ‘The Inventor: Out for Blood in Silicon Valley’ tries to get a read on Elizabeth Holmes Saturday 1:57 PM
- ‘Band Together with Logic’ shows us the best of the Internet Saturday 1:32 PM
- How to watch Spence vs. Garcia online Saturday 12:00 PM
- Far-right Australian politician gets egged by teen on video Saturday 11:28 AM
- Inside the solar-powered van that’s recording your favorite bands Saturday 10:48 AM
A phony program known as Trojan.POSRAM is to blame for Target’s data breach in December.
Blame that massive Target hack on the 21st century’s Trojan horse.
A phony program known as Trojan.POSRAM is to blame for a data hack making public the personal information for upwards of 70 million Target shoppers in December, a heist that extracted everything from names and phone numbers to mailing addresses and personal emails.
According to iSight Partners, a cyber intelligence company that read an internal report produced by the U.S. Secret Service, the code came to bear from a similarly effective bug known as BlackPOS, developed last year in Russia, and a few “other malicious tools to penetrate networks.” Those additional tools made Trojan.POSRAM more advanced: The program’s technology allowed it complete ambiguity among antivirus programs.
Once in, the program monitored and subsequently siphoned data stored on Target’s system through a series of memory extractions on payment application programs. iSight cybercrime analyst Jayce Nichols said the individual components of the entire program aren’t exactly highly sophisticated, but its overall composition is.
“While some components of the breach operation were technically sophisticated,” iSight writes in its own report about the malware, “the operational sophistication of the compromise activity makes this case stand out. The intrusion operators displayed innovation and a high degree of skill in orchestrating the various components of the activity.”
Photo via Mr. T in DC/Flickr
Chase Hoffberger reported on YouTube, web culture, and crime for the Daily Dot until 2013, when he joined the Austin Chronicle. Until late 2018, he served as that paper’s news editor and reported on criminal justice and politics.