Russian Teen Allegedly Sold Target Breach Software
Publication Date 01/19/2014
A Russian teenager allegedly authored the malware behind the Target data breach during the holiday shopping season, a cyber security firm said Sunday, and the same malware may have also been involved in the Neiman Marcus attack, it says.
IntelCrawler, based in Los Angeles, says Sergey Taraspov, with roots in St. Petersburg, authored the malicious software and reportedly sold it for about $2,000 to dozens of cybercriminals in Eastern Europe and other countries.
“The probability is rising that the perpetrator of the (Target breach) got the program from him,” says Dan Clements, IntelCrawler president.
The firm says Taraspov is “close” to 17 years old. The firm’s CEO did the first report on the malware, known as BlackPOS, earlier last year and Taraspov was identified then as the alleged author, Clements says. Taraspov allegedly is a well-known programmer of malicious code in the underground world, IntelCrawler says.
Target, the nation’s second-largest retailer, has apologized for the security breach, which it said affected up to 110 million shoppers. Neiman Marcus has not said how many customers were affected by its breach, though several security analysts have said they believe it was at least 1 million shoppers.
Officials at Target were not immediately available for comment Sunday.
Clements says IntelCrawler has uncovered six other breaches at retail stores, including two small clothing firms in Los Angeles and four mid-sized department stores in Colorado, Arizona, New York and California. The firm declined to name the retailers, but says it has forwarded information to law enforcement officials.
The software reportedly enabled the thieves to remotely hack into the retailers’ computer systems and obtain customer credit card and pin numbers, which were sent back to a computer controlled by cyber thieves.
State and federal officials, including the Secret Service, have launched an extensive investigation into the breaches.
Copyright 2014 USATODAY.com