Article Lead Image

The Trojan horse that ruined Christmas for Target

A phony program known as Trojan.POSRAM is to blame for Target's data breach in December.  


Chase Hoffberger

Internet Culture

Posted on Jan 17, 2014   Updated on May 31, 2021, 9:06 pm CDT

Blame that massive Target hack on the 21st century’s Trojan horse. 

A phony program known as Trojan.POSRAM is to blame for a data hack making public the personal information for upwards of 70 million Target shoppers in December, a heist that extracted everything from names and phone numbers to mailing addresses and personal emails. 

According to iSight Partners, a cyber intelligence company that read an internal report produced by the U.S. Secret Service, the code came to bear from a similarly effective bug known as BlackPOS, developed last year in Russia, and a few “other malicious tools to penetrate networks.” Those additional tools made Trojan.POSRAM more advanced: The program’s technology allowed it complete ambiguity among antivirus programs. 

Once in, the program monitored and subsequently siphoned data stored on Target’s system through a series of memory extractions on payment application programs. iSight cybercrime analyst Jayce Nichols said the individual components of the entire program aren’t exactly highly sophisticated, but its overall composition is. 

“While some components of the breach operation were technically sophisticated,” iSight writes in its own report about the malware, “the operational sophistication of the compromise activity makes this case stand out. The intrusion operators displayed innovation and a high degree of skill in orchestrating the various components of the activity.”

Photo via Mr. T in DC/Flickr

Share this article
*First Published: Jan 17, 2014, 12:08 pm CST