Target Hackers Wrote Partly in Russian, Displayed High Skill, Report Finds
Fri, 2014-01-17 16:40 — Kathy Gilbeaux
wsj.com - by Danny Yadron - January 16, 2014
The holiday data breach at Target Corp. appeared to be part of a broad and highly sophisticated international hacking campaign against multiple retailers, according to a report prepared by federal and private investigators that was sent to financial-services companies and retailers.
The report offers some of the first details to emerge about the source of the attack that compromised 40 million credit- and debit-card accounts and personal data for 70 million people. It also provided further evidence the attack on Target during peak holiday shopping was part of a concerted effort by skilled hackers.
Comments
After Target Breach, Homeland Security Warns Retailers
Investigators probing the recent holiday season cyberattack are warning retailers about sophisticated malware that potentially affected a large number of stores.
cnn.com - By Evan Perez and Gregory Wallace - January 17, 2014
A homeland security official said Thursday that the malware is described in a government report that has been distributed to retailers.
The warning follows a massive breach at Target that compromised credit card numbers and other personal information on up to 110 million customers.
A private firm working on the investigation, iSIGHT Partners, said the hackers behind the malware "displayed innovation and a high degree of skill in orchestrating the various components of the activity."
(READ COMPLETE ARTICLE)
17-Years-Old Teenager is the Author of BlackPOS/Kaptoxa Malware
17-years-old teenager is the author of BlackPOS/Kaptoxa malware (Target), several other breaches may be revealed soon
securityaffairs.co - by paganinip - January 17, 2014
The massive data breach at Target during the 2013 holiday shopping season, which the retailer now admits affected 70 million customers, used an inexpensive “off the shelf” malware known as BlackPOS. The same malware may have also been involved in the Neiman Marcus attack.
Security researchers from IntelCrawler, a Los Angeles-based cyber intelligence company, announced that the age of the BlackPOS malware author is close to 17 years old and the first sample of it was created in March 2013.
(READ COMPLETE ARTICLE)
KAPTOXA POS Report – Released Jan. 16, 2014
iSightpartners.com - January 16, 2014
iSIGHT Partners, working with the U.S. Secret Service, has determined that a new piece of malicious software, KAPTOXA (Kar-Toe-Sha), has potentially infected a large number of retail information systems. A joint publication has been issued by the Department of Homeland Security, USSS, FS-ISAC and iSIGHT Partners.
- See more at: http://www.isightpartners.com/2014/01/kaptoxa-pos-report-faq/#sthash.NYdQduo1.dpuf
Identifying BlackPOS Infected Hosts
lancope.com - by Matt Robertson - January 19, 2014
. . .
Additional analysis of BlackPOS by CrowdStrike [3] identified components of BlackPOS that were used as parts of the Target data breach to steal information; and more specifically the use of FTP over three different IP Addresses:
199.188.204.182
50.87.167.144
63.111.113.99
With the publication of the above IP addresses, it is unlikely that they will continue to be used as a component of BlackPOS, but it is still possible to leverage the Lancope StealthWatch System and use this information to identify hosts that have been infected by BlackPOS in the past (and likely continue to be infected).
The first step in StealthWatch is to create a Host Group for the suspicious hosts and manufacture a host lock violation alarm to be fired just in case there is future communication with these known-bad IP addresses.
(READ COMPLETE ARTICLE)
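The retrospective search described in the Lancope excerpt can be sketched outside any particular product. The following is an added example, not code from Lancope or StealthWatch: it scans stored flow records for internal hosts that ever contacted the three published addresses and notes whether the contact used FTP. The CSV layout, the `find_suspect_hosts` name, the meaning of the `bytes` column (bytes sent by the source) and every sample record are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# The three FTP destinations named in the excerpt above.
BLACKPOS_FTP_IPS = {"199.188.204.182", "50.87.167.144", "63.111.113.99"}
FTP_PORTS = {20, 21}

# Constructed flow records (assumed CSV layout, not a StealthWatch export).
SAMPLE_FLOWS = """\
start,src_ip,dst_ip,dst_port,bytes
2013-12-02T03:10:00,10.20.1.15,199.188.204.182,21,48211
2013-12-02T03:11:30,10.20.1.15,199.188.204.182,20,10485760
2013-12-03T09:00:12,10.20.4.77,203.0.113.10,443,5120
2013-12-05T02:45:00,10.20.1.15,50.87.167.144,21,39022
2013-12-06T14:20:05,10.20.9.3,63.111.113.99,80,812
"""


def find_suspect_hosts(flow_csv):
    """Return {src_ip: summary} for every host that ever contacted an indicator."""
    hosts = defaultdict(lambda: {"first_seen": None, "last_seen": None,
                                 "bytes_out": 0, "ftp": False, "dests": set()})
    for row in csv.DictReader(io.StringIO(flow_csv)):
        if row["dst_ip"] not in BLACKPOS_FTP_IPS:
            continue
        h = hosts[row["src_ip"]]
        ts = row["start"]  # ISO 8601 strings sort chronologically
        h["first_seen"] = ts if h["first_seen"] is None else min(h["first_seen"], ts)
        h["last_seen"] = ts if h["last_seen"] is None else max(h["last_seen"], ts)
        h["bytes_out"] += int(row["bytes"])
        h["ftp"] = h["ftp"] or int(row["dst_port"]) in FTP_PORTS
        h["dests"].add(row["dst_ip"])
    return dict(hosts)


if __name__ == "__main__":
    # Review order: hosts with FTP contact first, then by volume sent.
    ranked = sorted(find_suspect_hosts(SAMPLE_FLOWS).items(),
                    key=lambda kv: (not kv[1]["ftp"], -kv[1]["bytes_out"]))
    for ip, h in ranked:
        kind = "FTP" if h["ftp"] else "non-FTP"
        print(f"{ip} {kind} {h['first_seen']}..{h['last_seen']} "
              f"{h['bytes_out']} bytes -> {sorted(h['dests'])}")
```

Hosts that reached an indicator on a non-FTP port are still reported, since any historical contact with these addresses warrants review.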
Target Faces Nearly 70 Lawsuits Over Breach
wsj.com - by Joel Schectman - January 15, 2014
Still reeling from the hit to its reputation from last month’s massive data breach, Target Corp. faces nearly 70 class-action lawsuits.
Alongside the reputational harm, retailers like Target face the risk of a slew of legal actions when hackers steal consumer data. Customers and small banks have filed 68 class action suits, in 21 states and Washington, D.C., alleging Target didn’t take proper steps to protect consumer data, according to Tina Wolfson, an attorney at Ahdoot & Wolfson P.C., who is bringing one of the cases.
(READ COMPLETE ARTICLE)
Lawsuits Piling Up on Target Over Hack
money.cnn.com - by Gregory Wallace - December 24, 2013
Just days after acknowledging a massive hack of customer credit card data, Target is facing at least two dozen lawsuits. And more could be on the way.
Customers from California, Oregon and Washington to Louisiana, Massachusetts and Rhode Island have filed would-be class actions in federal courts, alleging Target was negligent and did not protect their card information.
Target (TGT, Fortune 500) said last week that 40 million credit and debit card numbers, expiration dates and security codes had been stolen.
(READ COMPLETE ARTICLE)