- Ohio KKK rally met with massive counter-protest and witty signs from local businesses Saturday 5:06 PM
- Guy who said he stole drugs from MS-13 now says viral story is fake Saturday 4:07 PM
- Financial service company left 885 million private records exposed online Saturday 3:13 PM
- Sasha Obama went to prom and Twitter is delighted with the photos Saturday 2:22 PM
- Jon Voight says Trump is the greatest president since Lincoln in Twitter videos Saturday 1:31 PM
- #DeleteFacebook gains momentum after the platform refused to remove doctored Nancy Pelosi videos Saturday 11:58 AM
- ‘Game of Thrones’ failed women—and it’s a shame on its legacy Saturday 7:40 AM
- How to use Tor, the network that lets you browse the web anonymously Saturday 7:30 AM
- How to live stream Devin Haney vs. Antonio Moran on DAZN Saturday 7:00 AM
- Trump’s transphobic policies are disgusting—but they aren’t new Saturday 6:30 AM
- How to watch the Copa del Rey Final online for free Saturday 5:45 AM
- How to watch the DFB-Pokal final for free Saturday 5:30 AM
- Curvy Wife Guy drops music video for rap song ‘Chubby Sexy’ Friday 7:33 PM
- A ‘Black Mirror’-inspired miniseries is coming to YouTube via Netflix Latin America Friday 5:56 PM
- Kanye West appears on David Letterman’s Netflix show to talk Trump, TMZ, and Drake Friday 3:27 PM
The malware that hacked Target was written by a 17-year-old Russian kid
A 17-year-old wrote the malware behind that massive Target hack
In December, Target warned customers it had been hacked. During the holiday shopping season, the big box store said, someone had gained access to its customer credit card information. It was a public relations disaster and a stark reminder that even the largest businesses can have security failures.
Then, in January, we learned the hack was far worse than initially reported, affecting up to 110 million people. Just for perspective, that’s over three times the population of Canada and just less than three times the population of California.
According to Los Angeles-based security firm IntelCrawler, it all started with a 17-year-old Russian hacker with ties to St. Petersburg, who is well known in the underground programming community.
IntelCrawler published a statement last week saying the teenage hacker created the malware known as “BlackPOS” last March, and sold it off to an unknown group or groups who carried out the attack on Target, as well as a similar attack on upscale department store Neiman Marcus.
IntelCrawler initially identified the hacker by the wrong name, but updated its report and identified the correct 17-year-old by name and linked to his VKontakte profile (we’re not identifying him by name, as he’s a minor). The security team noted the teen was not the only culpable party: “He is still visible for us, but the real bad actors responsible for the past attacks on retailers such as Target and Neiman Marcus were just his customers,” IntelCrawler President Dan Clements commented in the statement.
Some of the suspected customers who bought and used the malware: Russian mobsters, according to CNN.
In an email to the Daily Dot, IntelCrawler CEO Andrew Komarov warned that more BlackPOS attacks on other department stores are likely imminent, adding that he’d already reached out to Visa, Mastercard, and several U.S. banks. Here are the warning signs he gave them:
– Point-of-Sale terminal showed error or was temporarily disconnected from the host computer
– Active use of network connections through FTP (File Transfer Protocol) during business hours
– Your antivirus software was deleted or stopped, it shows use the error during updates;
– Suspicious files with names «mmon.exe», «well.exe», «mbot.exe» and other;
– New binary files in task scheduler, as bad actors use it for interval RAM scanning
In addition to looking out for these attack signals, Komarov recommended following the steps laid out by a report by iSight Partners detailing the attack. iSight worked with the U.S. Secret Service and released a report urging retailers to call U.S. Secret Service Field Office/Electronic Crimes Task Force.
Now that more information about the malware is known, hopefully retailers can get in front of these attacks before another security snafu. Still, cash is looking mighty appealing right now.
Kate Knibbs is a notable tech reporter and pop culture essayist. A former staff writer for the Daily Dot, her work has appeared in Gizmodo, the Ringer, AV Club, Digital Trends, Popular Mechanics, and Time.