Target Malware Origin Details EmergeKaptoxa POS malware cited as culprit behind sophisticated, two-stage operation that moved 11 GB of stolen Target data via FTP to a hijacked server in Russia
Digital forensic investigators and information security researchers have positively identified the malware used in the recent attack against Target. The malicious code infected point-of-sale (POS) terminals at the retailer and then helped transfer the stolen data to an FTP server in Russia.
The attack against Target, which began in late November and continued until mid-December, resulted in the theft of 40 million credit and debit cards as well as personal information for as many as 70 million customers.
A joint federal-private report providing more details about the apparent hacking and malware campaign against Target has been distributed to firms in the retail and financial-services sectors. The report was jointly issued by the Department of Homeland Security (DHS), the Secret Service, the Financial Services Information Sharing and Analysis Center (FS-ISAC), and Dallas-based private cybersecurity firm iSight Partners.
Read the full article here.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.