Target Malware Origin Details Emerge

Kaptoxa POS malware cited as culprit behind sophisticated, two-stage operation that moved 11 GB of stolen Target data via FTP to a hijacked server in Russia

Dark Reading Staff, Dark Reading

January 21, 2014

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Digital forensic investigators and information security researchers have positively identified the malware used in the recent attack against Target. The malicious code infected point-of-sale (POS) terminals at the retailer and then helped transfer the stolen data to an FTP server in Russia.

The attack against Target, which began in late November and continued until mid-December, resulted in the theft of 40 million credit and debit cards as well as personal information for as many as 70 million customers.

A joint federal-private report providing more details about the apparent hacking and malware campaign against Target has been distributed to firms in the retail and financial-services sectors. The report was jointly issued by the Department of Homeland Security (DHS), the Secret Service, the Financial Services Information Sharing and Analysis Center (FS-ISAC), and Dallas-based private cybersecurity firm iSight Partners.

Read the full article here.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights