Monday, February 3, 2014

POS Malware Used to Attack Target was On Sale at a Cybercrime forum

During the last holiday season, 110 million customers' credit and debit card numbers, names, addresses, and phone numbers have been compromised. The attackers stole the data through the use of malicious software that targets Point-of-sale systems. The credit and debit card numbers were collected through the magnetic stripes of the cards when swiped through the machine when making a purchase. The software was made especially not to be detected by the security system. Further investigation has led to an individual under the name "Antikiller" who was selling the software for $2,300 at a cybercrime forum. While the culprit remains unknown, there is however a clue found from a video update of the author of the malware. A link to a Russian social networking site can be seen in the screen.

            Cyber security is such an important yet such a vulnerable thing in today’s technology and internet driven society. As stated in the article, various services used to detect or scan for malware such as ThreatExpert by Symantec and Virustotal by Google, were not able to detect the software implanted into Target’s system at the time that it was implanted. This raises a lot of security issues. If malicious software can now be easily disguised and pass through firewalls of large corporations’ databases, such as Target’s, then many other company’s and maybe even government databases can possibly be breached. It’s frightening and shocking that individuals are able to create such software that surpasses antivirus software and security protocols. Furthermore, if large company’s databases can be breached so easily, this just heightens the insecurity for individuals who use the internet and have personal and financial data stored in their computers.

            One crucial thing in question is which POS system Target is using. The type of system target is using could answer a lot of questions about the malware. It could reveal information that can be helpful to the investigation such as how the encrypted data was gathered and how it was implanted and enabled to gather data. Target, however, has not commented on which POS system they are using. There is a reasonable ground to assume that Target is using the same POS system as many stores in the United States have been traditionally using. If this is true many other retailers’ databases are in danger of being breached.

This whole hacking scenario is a nightmare that has woken up corporations like Target as many other retailers have been breached. Hopefully through the investigations, the culprit can be caught and information can be gathered in order to improve current database security systems. This data breached has cost Target millions of dollars, consumer trust, and credibility. This attack should be seen as a wakeup call in order to improve and constantly update current security systems even more than they already have been because cybercriminals are constantly developing many ways to break into databases and are always developing malicious software.

            Cyber security has become a nightmare with the rise of cybercrime forums, sites that sell malware, and those individuals that perpetrate attacks. The government should crack down more and even harder on such forums and perpetrators because not only are large corporations hurt, ultimately it is the millions of people with data stolen who are the primary victims. 


Source: http://krebsonsecurity.com/2014/01/a-first-look-at-the-target-intrusion-malware/

No comments:

Post a Comment