LA-based security firm IntelCrawler says it has identified the individual behind the malware used to hack Target and potentially Neiman Marcus. The credit card data of up to 110 million Target customers may have been exposed in the hack, which took place in December. Neiman Marcus has not yet disclosed how many of its customers could be affected.
According to a statement released on Friday, the 'BlackPOS' malware used in the attack was created a 17-year-old based in St. Petersburg Russia. The firm reports that the individual was not behind the attacks themselves, but is, "a very well known programmer of malicious code."
'Off-the-shelf' code
The attacks were reportedly carried out by individuals who had bought the BlackPOS code, over 60 sales of which have apparently been made. Andrew Komarov, CEO of IntelCrawler, warned that other attacks using the code may be ongoing.
"Most of the victims are department stores. More BlackPOS infections, as well as new breaches can appear very soon, retailers and security community should be prepared for them," said Komarov.
BlackPOS reportedly tries a number of simple passwords to remotely hack store registers. "'It seems that retailers still use quite easy passwords on most remote-access'' servers, Komarov is reported as saying, also suggesting that there appear to be minimal restrictions on which individuals have access to remote point-of-sale servers in various companies.
